:Processes Explorer.EXE :OTL IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.myquickfinder.com FF - HKLM\software\mozilla\Firefox\Extensions\{40f1eb95-4de4-4f36-a826-054ee36bb905}: C:\Program Files\Gameztar Toolbar\2.1.3.6670\FFToolbar [2009-12-22 23:53:04 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\Extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.2.0.2150\FF [2009-12-22 23:53:35 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\Extensions\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.2.0.5360\FF [2009-12-22 23:53:59 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\Extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.2.0.2050\FF [2009-12-22 23:54:13 | 00,000,000 | —D | M] [2009-12-22 23:55:50 | 00,000,000 | —D | M] (QuestService) – C:\Program Files\Mozilla Firefox\extensions{AAF6454A-4000-4015-84C1-6CD844C06B19} [2009-12-22 23:55:52 | 00,002,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\questservice110.xml O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.2.0.5360\ACEIEAddOn.dll () O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.2.0.2050\CPAIEAddOn.dll () O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll () O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.2.0.1960\TCPIE.dll () O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O2 - BHO: (Gameztar Toolbar) - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll () O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.2.0.2080\CMWIE.dll () O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.2.0.1960\TCPIE.dll () O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O2 - BHO: (Gameztar Toolbar) - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll () O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.2.0.2150\WSO.dll () O3 - HKLM…\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) O3 - HKLM…\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM…\Toolbar: (Gameztar Toolbar) - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvb0.dll () O3 - HKCU…\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKCU…\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare) O3 - HKCU…\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A O4 - HKCU…\Run: [VideoBarApp] C:\Program Files\Gameztar Toolbar\2.1.3.6670\mvbapp.exe File not found O33 - MountPoints2{256f7e33-2790-11de-bc41-00199952083f}\Shell - “” = AutoRun O33 - MountPoints2{256f7e33-2790-11de-bc41-00199952083f}\Shell\AutoRun\command - “” = F:\AutoRun.exe – File not found O33 - MountPoints2{370f09f6-2804-11de-bc42-00199952083f}\Shell\AutOplay\coMMand - “” = F:\qpltc.pif – File not found O33 - MountPoints2{370f09f6-2804-11de-bc42-00199952083f}\Shell\AutoRun\command - “” = F:\qpltc.pif – File not found O33 - MountPoints2{370f09f6-2804-11de-bc42-00199952083f}\Shell\exPlorE\CoMMand - “” = F:\qpltc.pif – File not found O33 - MountPoints2{370f09f6-2804-11de-bc42-00199952083f}\Shell\OPeN\commaND - “” = F:\qpltc.pif – File not found O33 - MountPoints2{4078f764-829a-11de-bd70-00199952083f}\Shell - “” = AutoRun O33 - MountPoints2{4078f764-829a-11de-bd70-00199952083f}\Shell\AutoRun\command - “” = F:\AutoRun.exe – File not found O33 - MountPoints2{7d8661f8-8f22-11de-bdac-00199952083f}\Shell\AutoRun\command - “” = F:\dhrhyje.bat – File not found O33 - MountPoints2{7d8661f8-8f22-11de-bdac-00199952083f}\Shell\open\Command - “” = F:\dhrhyje.bat – File not found O33 - MountPoints2{9808388d-7443-11de-bd41-00199952083f}\Shell - “” = AutoRun O33 - MountPoints2{9808388d-7443-11de-bd41-00199952083f}\Shell\AutoRun\command - “” = F:\AutoRun.exe – File not found O33 - MountPoints2{af7db8b0-d4c9-11dd-bb1c-00199952083f}\Shell - “” = AutoRun O33 - MountPoints2{af7db8b0-d4c9-11dd-bb1c-00199952083f}\Shell\AutoRun\command - “” = F:\AutoRun.exe – File not found O33 - MountPoints2{af7db8b3-d4c9-11dd-bb1c-00199952083f}\Shell - “” = AutoRun O33 - MountPoints2{af7db8b3-d4c9-11dd-bb1c-00199952083f}\Shell\AutoRun\command - “” = F:\AutoRun.exe – File not found52083f}\Shell\AutoRun\command - “” = F:\AutoRun.exe – File not found [2009-12-23 00:02:13 | 00,000,000 | —D | C] – C:\Documents and Settings\Lynka1\Ustawienia lokalne\Dane aplikacji\Textual Content Provider [2009-12-22 23:55:24 | 00,000,000 | —D | C] – C:\Program Files\QuestService [2009-12-22 23:55:24 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\QuestService [2009-12-22 23:55:08 | 00,000,000 | —D | C] – C:\Program Files\Textual Content Provider [2009-12-22 23:54:55 | 00,000,000 | —D | C] – C:\Program Files\Content Management Wizard [2009-12-22 23:54:38 | 00,000,000 | —D | C] – C:\Documents and Settings\Lynka1\Ustawienia lokalne\Dane aplikacji\Internet Today [2009-12-22 23:54:36 | 00,000,000 | —D | C] – C:\Program Files\Internet Today [2009-12-22 23:54:15 | 00,000,000 | —D | C] – C:\Documents and Settings\Lynka1\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer [2009-12-22 23:54:12 | 00,000,000 | —D | C] – C:\Program Files\Customized Platform Advancer [2009-12-22 23:54:01 | 00,000,000 | —D | C] – C:\Documents and Settings\Lynka1\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer [2009-12-22 23:53:58 | 00,000,000 | —D | C] – C:\Program Files\Automated Content Enhancer [2009-12-22 23:53:37 | 00,000,000 | —D | C] – C:\Documents and Settings\Lynka1\Ustawienia lokalne\Dane aplikacji\Web Search Operator [2009-12-22 23:53:27 | 00,000,000 | —D | C] – C:\Program Files\Web Search Operator [2009-12-22 23:52:55 | 00,000,000 | —D | C] – C:\Program Files\Gameztar Toolbar [2009-12-22 23:52:41 | 00,000,000 | -H-D | C] – C:\Documents and Settings\All Users\Dane aplikacji{CA8CD71A-7992-4226-B949-0D7C9976D2F3} [2009-12-22 23:52:21 | 00,000,000 | —D | C] – C:\Documents and Settings\Lynka1\Ustawienia lokalne\Dane aplikacji\Gameztar Toolbar [2009-12-20 15:28:46 | 00,000,000 | —D | C] – C:\Documents and Settings\Lynka1\Dane aplikacji\Apple Computer [2009-12-20 15:26:37 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009-12-27 13:48:01 | 00,001,136 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-879983540-1801674531-1004UA.job [2009-12-27 13:01:00 | 00,000,236 | ---- | M] () – C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job 2009-12-24 16:48:01 | 00,001,084 | ---- | M] () – C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-879983540-1801674531-1004Core.job :Files C:\Program Files\Ask.com C:\Program Files\BearShare Applications :Services QuestService Service :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] :Commands [emptytemp] [Reboot]