Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware.Trace


  • This topic is locked This topic is locked
4 replies to this topic

#1 beezZa

beezZa

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:29 AM

Posted 24 February 2011 - 08:45 PM

I cant seem to remove malware.trace after several scans with malwarebytes and spybot SD. i have run the scans in safe mode, regular mode, and have even taken the HDD out and put it in a drive sled and scanned that way. Any help is really appreciated.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5842

Windows 5.1.2600 Service Pack 3, v.3264
Internet Explorer 8.0.6001.18702

2/24/2011 8:24:19 PM
mbam-log-2011-02-24 (20-24-19).txt

Scan type: Full scan (C:\|)
Objects scanned: 194879
Time elapsed: 26 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\winset.ini (Malware.Trace) -> Quarantined and deleted successfully.


GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-24 20:44:33
Windows 5.1.2600 Service Pack 3, v.3264 Harddisk0\DR0 -> \Device\Ide\IdePort0 SAMSUNG_HM060HC rev.YJ100-19
Running: 9j9m5tw9.exe; Driver: C:\DOCUME~1\Tresa\LOCALS~1\Temp\uwacrpod.sys


---- System - GMER 1.0.15 ----

SSDT spgy.sys ZwCreateKey [0xF74360E0]
SSDT spgy.sys ZwEnumerateKey [0xF7454CA4]
SSDT spgy.sys ZwEnumerateValueKey [0xF7455032]
SSDT spgy.sys ZwOpenKey [0xF74360C0]
SSDT spgy.sys ZwQueryKey [0xF745510A]
SSDT spgy.sys ZwQueryValueKey [0xF7454F8A]
SSDT spgy.sys ZwSetValueKey [0xF745519C]

INT 0x3B ? 897EAF00
INT 0x3B ? 897EAF00
INT 0x3B ? 897EAF00
INT 0x3B ? 897EAF00
INT 0x3E ? 89BA7BF8
INT 0x3F ? 89BA7BF8

---- Kernel code sections - GMER 1.0.15 ----

? naba.sys The system cannot find the file specified. !
? spgy.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload B62008AC 5 Bytes JMP 897EA4E0
.text a2wpxs3q.SYS B5DD3386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a2wpxs3q.SYS B5DD33AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a2wpxs3q.SYS B5DD33C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text a2wpxs3q.SYS B5DD33C9 1 Byte [30]
.text a2wpxs3q.SYS B5DD33C9 11 Bytes [30, 00, 00, 00, 5C, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESP; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\System32\svchost.exe[1436] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 00E7000A
.text C:\WINDOWS\System32\svchost.exe[1436] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 00E8000A
.text C:\WINDOWS\System32\svchost.exe[1436] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 5 Bytes JMP 00E6000C
.text C:\WINDOWS\System32\svchost.exe[1436] USER32.dll!GetCursorPos 7E41BD6E 5 Bytes JMP 01A1000A
.text C:\WINDOWS\System32\svchost.exe[1436] USER32.dll!WindowFromPoint 7E41BD86 5 Bytes JMP 01A2000A
.text C:\WINDOWS\System32\svchost.exe[1436] USER32.dll!GetForegroundWindow 7E41BE43 5 Bytes JMP 01A3000A
.text C:\WINDOWS\System32\svchost.exe[1436] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 00EC000A
.text C:\WINDOWS\Explorer.EXE[1884] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 00CB000A
.text C:\WINDOWS\Explorer.EXE[1884] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 00CC000A
.text C:\WINDOWS\Explorer.EXE[1884] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 5 Bytes JMP 00CA000C
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1972] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2028] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]
.text C:\WINDOWS\system32\wuauclt.exe[2176] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 0123000A
.text C:\WINDOWS\system32\wuauclt.exe[2176] ntdll.dll!NtWriteVirtualMemory 7C90DF90 5 Bytes JMP 0124000A
.text C:\WINDOWS\system32\wuauclt.exe[2176] ntdll.dll!KiUserExceptionDispatcher 7C90E45C 5 Bytes JMP 0122000C
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtMapViewOfSection + 6 7C90D506 1 Byte [28]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtMapViewOfSection + 6 7C90D506 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtMapViewOfSection + B 7C90D50B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes CALL 7B90EBFC
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes CALL 7B90EC6D
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes CALL 7B90ED9B
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [E2]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 1 Byte [68]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtUnmapViewOfSection + 6 7C90DEF6 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\Tresa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtUnmapViewOfSection + B 7C90DEFB 1 Byte [E2]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 89BA92D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7467C4C] spgy.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7467CA0] spgy.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7437042] spgy.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F743713E] spgy.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74370C0] spgy.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F7437800] spgy.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74376D6] spgy.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 897EA5E0
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7446E9C] spgy.sys
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlInitUnicodeString] 8800001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!swprintf] 001CB286
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeSetEvent] C61AEB00
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 001C8186
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 86C61200
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 00001C83
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmFreeMappingAddress] 8E868801
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 8800001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 001CAA86
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmUnmapIoSpace] 80968B00
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 8900001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IofCompleteRequest] 001C9C96
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlCompareUnicodeString] C6168B00
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IofCallDriver] 001CB986
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 428A0A00
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] BA86880C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoConnectInterrupt] 8B00001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoDetachDevice] 24A48DFA
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeWaitForSingleObject] 00000000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeInitializeEvent] 4B8BDF8B
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeCancelTimer] 8D3F0304
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] CB033043
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlInitAnsiString] 0673C13B
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] C13B0003
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoQueueWorkItem] 8366FA72
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmMapIoSpace] 75000E7B
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 0B7D80E3
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoReportDetectedDevice] 307B8D00
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoReportResourceForDetection] 00AA840F
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 83660000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!NlsMbCodePageTag] 6A000E7A
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!PoRequestPowerIrp] C6647400
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 001CBB86
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 4F8B0200
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!sprintf] 968D5140
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 00001C90
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ObfDereferenceObject] 2266E852
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 478B0000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 50016A40
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ZwClose] 1CAC8E8D
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] E8510000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 00002254
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 6A18538B
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!PoStartNextPowerIrp] 868D5200
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoCreateDevice] 00001C98
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 2242E850
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 4B8B0000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 51016A18
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ZwOpenKey] 1CB4968D
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlFreeUnicodeString] E8520000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoStartTimer] 00002230
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeInitializeTimer] 8A05478A
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoInitializeTimer] 001CBB8E
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeInitializeDpc] 30C48300
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeInitializeSpinLock] 1CBD8688
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoInitializeIrp] 80E90000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ZwCreateKey] C6000000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 001CBB86
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 438B0100
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ZwSetValueKey] 8E8D5018
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeInsertQueueDpc] 00001C90
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 2202E851
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoStartPacket] 538B0000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 52016A18
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 1CAC868D
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoFreeMdl] E8500000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmUnlockPages] 000021F0
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 8A05478A
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 001CBB8E
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 18C48300
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 1CBD8688
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeSynchronizeExecution] 43EB0000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoStartNextPacket] 320C538A
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeBugCheckEx] 88F93BC0
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 001CBB96
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeSetTimer] F6317300
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!_allmul] 74070647
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmProbeAndLockPages] 75C0841A
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!_except_handler3] 05578A0B
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!PoSetPowerState] 968801B0
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 00001CBD
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 57B60F66
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 533B6604
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!_aulldiv] 03087408
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!strstr] 72F93B3F
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!_strupr] 8A09EBDA
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeQuerySystemTime] 86880547
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 00001CBD
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!KeTickCount] 88084B8A
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 001CBE8E
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoDeleteDevice] 40578B00
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 8D52006A
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoAllocateWorkItem] 001CC086
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoAllocateIrp] 81E85000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoAllocateMdl] 8B000021
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 001CB88E
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmLockPagableDataSection] BC968B00
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 8900001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 001CC48E
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!ExFreePoolWithTag] C8968900
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoFreeIrp] 8B00001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!IoFreeWorkItem] 016A4047
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!InitSafeBootMode] CCC68150
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!RtlCompareMemory] 5600001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!PoCallDriver] 002157E8
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!memmove] 18C48300
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[ntoskrnl.exe!MmHighestUserAddress] 5D5B5E5F
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!READ_PORT_UCHAR] 1C8D9E88
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!KeGetCurrentIrql] 9E880000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!KfRaiseIrql] 00001CA9
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!KfLowerIrql] 0E798366
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!HalGetInterruptVector] 74AAB000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!HalTranslateBusAddress] 8186C636
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!KfReleaseSpinLock] 1C8386C6
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!READ_PORT_USHORT] 001C8E86
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CAA
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[WMILIB.SYS!WmiSystemControl] 8800001C
IAT \SystemRoot\System32\Drivers\a2wpxs3q.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB19E

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 89BA61F8
Device \Driver\sptd \Device\3628174208 spgy.sys
Device \Driver\usbuhci \Device\USBPDO-0 897D91F8
Device \Driver\usbuhci \Device\USBPDO-1 897D91F8
Device \Driver\usbuhci \Device\USBPDO-2 897D91F8
Device \Driver\usbehci \Device\USBPDO-3 897B71F8
Device \Driver\PCI_PNP2336 \Device\00000048 spgy.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{C6AD38F4-18A5-4BAB-97B9-87E1032C4E84} 890F31F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 89C161F8
Device \Driver\Cdrom \Device\CdRom0 897AA1F8
Device \Driver\Cdrom \Device\CdRom1 897AA1F8
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 89AEE27F
Device \Driver\atapi \Device\Ide\IdePort0 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 89AEE27F
Device \Driver\atapi \Device\Ide\IdePort1 [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-e 89AEE27F
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F7978B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 890F31F8
Device \Driver\NetBT \Device\NetbiosSmb 890F31F8
Device \Driver\usbuhci \Device\USBFDO-0 897D91F8
Device \Driver\usbuhci \Device\USBFDO-1 897D91F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 88F831F8
Device \Driver\usbuhci \Device\USBFDO-2 897D91F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 88F831F8
Device \Driver\usbehci \Device\USBFDO-3 897B71F8
Device \Driver\Ftdisk \Device\FtControl 89C161F8
Device \Driver\a2wpxs3q \Device\Scsi\a2wpxs3q1Port2Path0Target0Lun0 897A61F8
Device \Driver\a2wpxs3q \Device\Scsi\a2wpxs3q1 897A61F8
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs 898A1500
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskSAMSUNG_HM060HC_________________________YJ100-19#30535839444a5030303833323230202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xA2 0x9A 0x8C 0x06 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x75 0xBA 0xAD 0x3A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x33 0xAE 0x5E 0x8A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xA2 0x9A 0x8C 0x06 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x75 0xBA 0xAD 0x3A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x33 0xAE 0x5E 0x8A ...

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior;

---- EOF - GMER 1.0.15 ----

Edited by Orange Blossom, 24 February 2011 - 09:15 PM.
Moved to log forum. ~ OB


BC AdBot (Login to Remove)

 


#2 beezZa

beezZa
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:29 AM

Posted 24 February 2011 - 09:55 PM

here is another scan that is disturbing to me:


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5842

Windows 5.1.2600 Service Pack 3, v.3264
Internet Explorer 8.0.6001.18702

2/24/2011 9:45:27 PM
mbam-log-2011-02-24 (21-45-20).txt

Scan type: Full scan (C:\|)
Objects scanned: 195059
Time elapsed: 36 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 64
Files Infected: 582

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52794457-af6c-4c50-9def-f2e24f4c8889} (PUP.WhiteSmoke) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{52794457-af6c-4c50-9def-f2e24f4c8889} (PUP.WhiteSmoke) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52794457-AF6C-4C50-9DEF-F2E24F4C8889} (PUP.WhiteSmoke) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{52794457-AF6C-4C50-9DEF-F2E24F4C8889} (PUP.WhiteSmoke) -> Value: {52794457-AF6C-4C50-9DEF-F2E24F4C8889} -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files\whitesmoketoolbar (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\modules (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\newtab (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\newtab\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\scripts (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\scripts (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\scripts (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\scripts (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\dynamicelements (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\rss (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\search (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\weather (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dtxwizard (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dtxwizard\skin (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dtxwizard\skin\icon_library (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dtxwizard\skin\icon_library\Basics (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\scripts (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\options (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\searchbar (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\components (PUP.WhiteSmoke) -> No action taken.
c:\documents and settings\networkservice\application data\whitesmoketoolbar (PUP.WhiteSmoke) -> No action taken.

Files Infected:
c:\WINDOWS\Temp\2508480 (PUP.BHO) -> No action taken.
c:\WINDOWS\Temp\3875280 (PUP.BHO) -> No action taken.
c:\WINDOWS\system32\winset.ini (Malware.Trace) -> No action taken.
c:\program files\whitesmoketoolbar\manifest.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\toolbar.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\uninstall.exe (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\whitesmoketoolbar.dll (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\whitesmoketoolbarx.dll (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\neterror.xhtml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\preferences.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\toolbar.htm (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\toolbar.xul (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\vmncode.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\vmnrsswin.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\about.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\dtxpanel.xul (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\dtxpanelwin.xul (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\dtxprefwin.xul (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\dtxwin.xul (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\emailnotifierproviders.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\external.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\neterror.xhtml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\rsspreview.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\rsswin.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\rsswin.xsl (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\vmncode.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\lib\wmpstreamer.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\modules\datastore.jsm (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\newtab\newtab.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\newtab\images\btn_search.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\newtab\images\bullet.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\newtab\images\field_bg.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\newtab\images\powered_by_yahoo.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\tb_icon.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\widget.jsw (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\widget.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\widget_version.txt (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\main.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\css\dialog.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\bg.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\btn-wide-close.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\default.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\transparent.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\win-btm-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\win-btm-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\images\win-btm-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.facebook\skin\scripts\defscript.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\tb_icon.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\Thumbs.db (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\widget.jsw (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\widget.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\widget_version.txt (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\css\twitter.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrollbottom.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\btn-login-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\btn-login.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\btn-submit.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\loginbg.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\refresh-over.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\refresh.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrollbottom-disable.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrollbottom-down.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrollbottom-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrolltop-disable.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrolltop-down.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrolltop-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\scrolltop.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\tab-off-l.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\tab-off-r.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\tab-on-l.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\tab-on-r.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\throbber.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\Thumbs.db (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\twitter-logo48.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\images\twitter_top.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\js\jquery.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\js\scripts.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\main.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\css\dialog.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\bg.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\btn-wide-close.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\default.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\transparent.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\win-btm-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\win-btm-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\images\win-btm-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.twitter\skin\scripts\defscript.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\tb_icon.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\widget.jsw (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\widget.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\widget_version.txt (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\main.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\css\dialog.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\bg.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\btn-search.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\btn-wide-close.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\default.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\Thumbs.db (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\transparent.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\win-btm-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\win-btm-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\images\win-btm-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.webtv\skin\scripts\defscript.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\index.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\tb_icon.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\widget.jsw (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\widget.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\widget_version.txt (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\css\dialog.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollt.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\arrow-grey.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\arrows_grey-left.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\arrows_grey-right.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\btn-search-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\btn-search.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\powered-by-youtube.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollb-disable.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollb-down.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollb.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollt-disable.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\scrollt-down.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-off-l.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-off-r.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-on-l.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-on-r.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-over-l.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-over-r.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-red-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-red-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-red-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-white-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-white-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\tab-white-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\throbber.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\Thumbs.db (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\vid-bg.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\images\youtube.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\js\jquery-1.3.2.min.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\js\jquery.autocomplete.min.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\main.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\css\dialog.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\bg.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\btn-search.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\btn-wide-close.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\default.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\Thumbs.db (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\transparent.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\win-btm-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\win-btm-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\images\win-btm-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\content\widgets\net.vmn.www.youtube\skin\scripts\defscript.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\dynamicelements\vmntoolbar.xsl (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\rss\rss.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\search\engines.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\search\search.xsl (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\data\weather\icons.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\634017460871087500_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\about.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\babylon_logo.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\bing_16x16.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\bing_searchicon_20x22_spaced_hover_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\bing_searchicon_20x22_spaced_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\blank_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\bluelite.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\bluesky.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\btn-search-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\btn-search.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\btn-settings.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\btn-widgets-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\btn-widgets.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\btn_settings.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\ca.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\checkmytext_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\checkmytext_png_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dictionary.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dictionary_png_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\divider.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\downloadcom.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dtxlogo.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\email.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\email_on.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\eteacher_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\facebook.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\feed_icon2_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\feed_icon_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\france_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\games.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\gamesicon_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\games_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred0.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred0_5.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred1.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred1_5.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred2.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred2_5.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred3.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred3_5.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred4.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred4_5.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphred5.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\graphredna.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\grey.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\ico-shield.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\images.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\italy_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lichen.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\logo-about.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\logo-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\logo-separator.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\logo.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\mail.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\menuseparatorback.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\modify-save.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\modify.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\modifyhot.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\music.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\namespacetoolbar.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\networkicons_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\btn-settings-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dictionary_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-found.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\shopping.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\vmn.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\news.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\orange.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\pixsy.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\protect-id.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\relatedlinks.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-collapse.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-delete.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-expand.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-feed.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-folder-remove.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-folder-rename.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-folder.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-reload.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss-subscribe.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rssback.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rsstopback.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\rss_feed_icon_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\search-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\search.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\settings.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\siteinfo.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\skin-bluelite.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\skin-bluesky.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\skin-grey.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\skin-lichen.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\skin-orange.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\skin-yellow.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\skin.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\spain_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\technorati.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\throbber.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\toolbarsplitter.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\translate.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\translate_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\translate_png_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\truste_about.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\tvicons_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\tvicon_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\tv_icon3_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\usa_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\vmn.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\web.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\whtsmke_logo_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\whtsmke_logo_png2_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\whtsmke_logo_png3_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\whtsmke_logo_png4_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\whtsmke_logo_png5_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\whtsmke_logo_png_png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\wikipedia.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\yahoosearch.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\yellow.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\youtube.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\zoom.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\dtxwizard\skin\icon_library\Basics\folder.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\add.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\aol.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\arrow-dn.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\arrow-right-disabled.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\arrow-right.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\arrow-up.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btn-divider.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btn-end.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btn-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btn-mdl_ff.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btn-start.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btnover-divider.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btnover-end.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btnover-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btnover-mdl_ff.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\blank.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btn-widgets-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btn-widgets.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btnback-down-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btnback-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btnleft-down-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btnleft-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btnright-down-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btnright-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\btn_slider.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\button-splitter-down-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\button-splitter-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\checkmark.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\chevron.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\collapse.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\comcast.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\dtx.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\edit-back-hot.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\edit-back.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\expand.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\found.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\gmail.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\highlight.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\highlight_blue.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\highlight_cyan.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\highlight_lime.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\highlight_yellow.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\hotmail.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\ico-check.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\imap.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\lastsearch-thumb-back.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\loadingmid.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\lock.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\logo-separator.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\mailcom.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menuitem-splitter.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menuitemback-down-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menuitemback-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menuitemleft-down-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menuitemleft-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menuitemright-down-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menuitemright-vista.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menu_bg-basic.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menu_separator_bar.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\bg-btnover-start.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\highlight_magenta.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\menu_separator_white.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\modify.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\move.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\movetarget.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\pop.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\reload.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\remove.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\rename.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\resize-box.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\rss.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\rsschannelback.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\RSSLogo.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\rsstabdivider.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\scroll-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\scroll-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\search-go.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\search.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\text-ellipsis.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\throbber.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\toolbarsplitter.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\transparent_1px.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\yahoo.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\footer.htm (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\gamecategory.xsl (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\gameData.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\gameList.xsl (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\games.xsl (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\gametype.xsl (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\inithtml.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\popupgames.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\popuphtml.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\popuprss.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\popupwidgets.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\scroll.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\css\panels.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\css\popupabout.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\css\popupgames.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\css\popupRSS.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\css\popupwidgets.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\main.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\css\dialog.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\bg.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\btn-search.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\btn-wide-close.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\default.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\tab-off-l.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\tab-off-r.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\tab-on-l.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\tab-on-r.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\transparent.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\ttlbar-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\ttlbar-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-btm-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-btm-mdl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-btm-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\images\win-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\default\scripts\defscript.js (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\gamethumb-on.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scroll-topwin.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\arrow-dn.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\arrow-sml-drop.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\arrow-sml.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\arrow-up.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\arrowr-bluew5.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\bg-aboutbox.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\bg-btnover.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\bg-pnl520x390.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-back.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-close-grey.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-close-greyover.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-drag.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-moredetails.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-next-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-next.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-previous-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-previous.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\bullet-orange.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\gamethumb2-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-calendar.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-download.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-joystick24.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-news24.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-play.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\ico-tags.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-Add.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-download.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-info.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-play.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\icon-shop.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\menul-bgon.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\menul-bgover.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\panel-botm-noscroll.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scroll-bg-206.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scroll-bg.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollb-disable.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollb-down.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollb-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollb.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollt-disable.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollt-down.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollt-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\scrollt.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\star_x_grey.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\star_x_orange.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\truste_about.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\view-detailed-on.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\view-detailed-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\view-thumb-on.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\view-thumb-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\widgets-square-16px.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\widgets-square-24px.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\panels\images\widgets.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\managerpanel.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\volumeslider.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\css\manager.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\css\slider.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-off.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\bg-pnl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\btn-close-grey.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\btn-close-greyover.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\collapsed_button.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\expanded_button.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\ico-playstation-down.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\ico-playstation-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\ico-playstation.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\ico-radio.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\music-note.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-btn-pause-on.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-btn-pause.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-btn-play-on.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-btn-play.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-bg.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-buffer.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-busy.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-on.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-eq-warning.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-options-design-on.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-options-design.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-options-on.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-options.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-0.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-1.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-2.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-3.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\radio-volume-mute.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\scrollbar-handle.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\scrollbar-track.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\slider.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\slideron.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\radio\images\track.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_07.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_02.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_03.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_04.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_06.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_08.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_09.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_10.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_11.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_12.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_13.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_14.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_15.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_16.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_18.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_19.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_20.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\border_21.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\btn-close-grey.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\btn-close-greyover.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\close-hot.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\close-normal.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\loadingmid.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\proxy.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\template.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\template.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\templateff.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\uwa\throbber.gif (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\cond999.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\icons.xml (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\na-s.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\na-t.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\na.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\icons\weather.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\popupweather.css (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\popupweather.html (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\add.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\box-check.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\options\options-main.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\options\options-search.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\options\options-weather.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\options\options-widgets.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\searchbar\searchbar-background-left.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\searchbar\searchbar-background-middle.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\chrome\skin\searchbar\searchbar-background-right.png (PUP.WhiteSmoke) -> No action taken.
c:\program files\whitesmoketoolbar\components\windowmediator.js (PUP.WhiteSmoke) -> No action taken.
c:\documents and settings\networkservice\application data\whitesmoketoolbar\dtx.ini (PUP.WhiteSmoke) -> No action taken.
c:\documents and settings\networkservice\application data\whitesmoketoolbar\exeArgs.xml (PUP.WhiteSmoke) -> No action taken.
c:\documents and settings\networkservice\application data\whitesmoketoolbar\guid.dat (PUP.WhiteSmoke) -> No action taken.
c:\documents and settings\networkservice\application data\whitesmoketoolbar\setupCfg.xml (PUP.WhiteSmoke) -> No action taken.

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:29 AM

Posted 28 February 2011 - 12:10 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.


We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.


In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply





Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


"just click on Cancel, then Accept".


information and logs:

  • In your next post I need the following

  • .logs from DDS
  • log from RKUnHooker
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:29 AM

Posted 03 March 2011 - 08:38 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:29 AM

Posted 06 March 2011 - 09:47 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users