Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

vprot.exe - Bad Image (AVG DLL error)


  • Please log in to reply

#16
Krishnaa

Krishnaa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Still need your help! Whenever I try to eject a flash drive from the system tray, nothing happens. And when I go to My Computer, select the drive and click on Eject, I get a DLL error. I'm, attaching the screenshot with this.

Attached Thumbnails

  • Error.png

  • 0

Advertisements


#17
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
:thumbsup:
  • 0

#18
Krishnaa

Krishnaa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
I'm not sure if I have to create a new topic, but did you see my post about the DLL error when I try to eject a disk?
  • 0

#19
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
No, I missed that post. And in looking back through the logs, now spot a Symantec service running that slipped by earlier.

Given that, you will need to uninstall AVG, assuming an active Norton service may have corrupted things.


Be sure to continue to temporarily disable any protective software when running the scan tools we use here.

Uninstall AVG, then reboot.

---------

Go here:

https://www-secure.s...n=1&lg=en&ct=us

And download the Norton Removal Tool that is appropriate for your version. Then close all open windows and disable all protective software, and click the downloaded file to completely remove Norton from your system. If the removal does not cause a reboot, reboot after the tool has completed the removal. Be sure to save all registration keys before running the tool if you plan to reinstall Norton later.

If you do not recall the version that is okay - the same tool is used for most versions. The exception is Norton 360, which requires you run a BUdump.exe tool first.

---------

Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after each:

cd\

sfc /scannow


A scan will run, and correct any system files as needed.

Reboot.

---------

After the reboot try to eject the drive again.
  • 0

#20
Krishnaa

Krishnaa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
After the sfc /scannow step I got the following message on the command prompt: "Windows Resource Protection found corrupt files but was unable to fix some of them."

It generated a CBS log file, which I'm attaching in case you need it. The error still shows up when I eject the drive.

Attached Files

  • Attached File  CBS.log   487.71KB   196 downloads

  • 0

#21
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
The cbs.log errors (and sharp of you to know how to collect it) suggests file system corruption.


Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after:

chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"

A check of your disk will run. When that finishes, it will create a checkhd.txt log on your desktop. Post those contents back here please. The check disk will take a while to run, so please be patient.
  • 0

#22
Krishnaa

Krishnaa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Well, I did have to do a Google search first!

Here are the contents of the checkhd file:

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
270 large file records processed.

0 bad file records processed.

2 EA records processed.

60 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
39101 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Windows has checked the file system and found no problems.

209611775 KB total disk space.
60171196 KB in 285418 files.
138360 KB in 39102 indexes.
0 KB in bad sectors.
460907 KB in use by the system.
65536 KB occupied by the log file.
148841312 KB available on disk.

4096 bytes in each allocation unit.
52402943 total allocation units on disk.
37210328 allocation units available on disk.
  • 0

#23
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Click here and download jpshortstuff's SystemLook to your desktop, then click that file to open the scan display. In the open textbox, copy and paste the following (inside the Code box below):

:filefind
hotplug.dll

Then click Look. Once the scan completes Notepad will open - copy/paste those contents back here please. That will also be saved as a log where you have the scan file, named SystemLook.txt.
  • 0

#24
Krishnaa

Krishnaa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
The contents of SystemLook.txt:

SystemLook 30.07.11 by jpshortstuff
Log created at 07:02 on 09/03/2013 by Krishnaa
Administrator - Elevation successful

========== filefind ==========

Searching for "hotplug.dll"
C:\Windows\System32\hotplug.dll --a---- 56320 bytes [23:16 13/07/2009] [01:15 14/07/2009] 90FDB343A8775B3B83663F4A129D4CE8
C:\Windows\winsxs\x86_microsoft-windows-pnphotplugui_31bf3856ad364e35_6.1.7600.16385_none_e8b787acac120444\hotplug.dll --a---- 56320 bytes [23:16 13/07/2009] [01:15 14/07/2009] 90FDB343A8775B3B83663F4A129D4CE8

-= EOF =-
  • 0

#25
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
The backup is a match. Maybe.

Assuming you removed it, download ComboFix.exe from here to your desktop.


Be sure to continue to temporarily disable any protective software when running the scan tools we use here.


Open notepad (go to Start Search, type notepad and press Enter) and copy/paste the text in the codebox below into it:
FCopy::
C:\Windows\winsxs\x86_microsoft-windows-pnphotplugui_31bf3856ad364e35_6.1.7600.16385_none_e8b787acac120444\hotplug.dll | C:\Windows\System32\hotplug.dll
Save this to your desktop as CFScript.txt


You should now have both ComboFix and that CFScript.txt on the desktop. Just left click/hold on the CFScript.txt file, and drag it into ComboFix to start the scan.

ComboFix will now run as it did before. Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt.
  • 0

Advertisements


#26
Krishnaa

Krishnaa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
I'd somehow missed the alert about your post! Anyway, here are the contents of the ComboFix file:

ComboFix 13-03-11.01 - Krishnaa 12/03/2013 5:58.1.4 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3253.1549 [GMT 5.5:30]
Running from: c:\users\Krishnaa\Desktop\ComboFix.exe
Command switches used :: c:\users\Krishnaa\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\boost_interprocess\20130310113838.123653
c:\users\Krishnaa\AppData\Roaming\Microsoft\bass.dll
c:\users\Krishnaa\AppData\Roaming\Microsoft\engine_vx.dll
c:\windows\system32\muzapp.exe
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\x86_microsoft-windows-pnphotplugui_31bf3856ad364e35_6.1.7600.16385_none_e8b787acac120444\hotplug.dll --> c:\windows\System32\hotplug.dll
.
((((((((((((((((((((((((( Files Created from 2013-02-12 to 2013-03-12 )))))))))))))))))))))))))))))))
.
.
2013-03-12 00:36 . 2013-03-12 00:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-12 00:35 . 2013-03-12 00:35 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{16F7F6D5-C70E-41F9-9692-44E0C70F54B0}\offreg.dll
2013-03-06 04:08 . 2013-03-06 04:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-02 17:00 . 2013-03-12 00:23 -------- d-----w- c:\users\Krishnaa\AppData\Roaming\uTorrent
2013-03-01 13:45 . 2013-03-01 13:45 -------- d-----w- c:\users\Krishnaa\AppData\Local\Adobe_Systems_Incorporate
2013-03-01 13:37 . 2013-03-01 13:38 -------- d-----w- c:\users\Krishnaa\AppData\Local\Smartbar
2013-02-28 13:31 . 2013-02-28 13:31 -------- d-----w- c:\program files\ESET
2013-02-28 13:22 . 2013-02-28 13:22 -------- d-----w- c:\users\Krishnaa\AppData\Roaming\Malwarebytes
2013-02-28 13:22 . 2013-02-28 13:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-28 13:22 . 2013-02-28 13:22 -------- d-----w- c:\programdata\Malwarebytes
2013-02-28 13:22 . 2012-12-14 11:19 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-26 13:18 . 2013-02-28 16:41 -------- d-----w- c:\program files\FlyteDownloadManager
2013-02-24 08:27 . 2013-02-24 08:27 -------- d-----w- c:\users\Krishnaa\AppData\Roaming\YCanPDF
2013-02-24 08:27 . 2013-02-24 08:27 -------- d-----w- C:\tmp
2013-02-24 08:26 . 2013-02-24 08:29 -------- d-----w- C:\PDF2JPG
2013-02-15 22:04 . 2013-02-15 22:04 208448 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-02-15 22:04 . 2013-02-15 22:04 208448 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-06 04:08 . 2012-10-24 14:20 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-06 04:08 . 2012-10-24 14:20 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-28 03:37 . 2012-04-07 17:45 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-28 03:37 . 2012-02-05 06:57 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-18 04:36 . 2013-01-05 14:16 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-12-18 04:36 . 2012-12-18 04:36 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-12-18 04:36 . 2012-12-18 04:36 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-12-18 04:36 . 2012-12-18 04:36 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-12-18 04:36 . 2012-12-18 04:36 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2012-12-18 04:36 . 2012-12-18 04:36 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2012-12-18 04:36 . 2012-12-18 04:36 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2012-12-18 04:36 . 2012-12-18 04:36 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2012-12-18 04:36 . 2012-12-18 04:36 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2012-12-18 04:36 . 2012-12-18 04:36 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2012-12-18 04:36 . 2012-12-18 04:36 569344 ----a-w- c:\windows\system32\muzdecode.ax
2012-12-18 04:36 . 2012-12-18 04:36 491520 ----a-w- c:\windows\system32\muzapp.dll
2012-12-18 04:36 . 2012-12-18 04:36 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2012-12-18 04:36 . 2012-12-18 04:36 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
2012-12-18 04:36 . 2012-12-18 04:36 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2012-12-18 04:36 . 2012-12-18 04:36 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2012-12-18 04:36 . 2012-12-18 04:36 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2012-12-18 04:36 . 2012-12-18 04:36 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2012-12-18 04:36 . 2012-12-18 04:36 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2012-12-18 04:36 . 2012-12-18 04:36 245760 ----a-w- c:\windows\system32\MSCLib.dll
2012-12-18 04:36 . 2012-12-18 04:36 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2012-12-18 04:36 . 2012-12-18 04:36 200704 ----a-w- c:\windows\system32\muzwmts.dll
2012-12-18 04:36 . 2012-12-18 04:36 155648 ----a-w- c:\windows\system32\MSFLib.dll
2012-12-18 04:36 . 2012-12-18 04:36 143360 ----a-w- c:\windows\system32\3DAudio.ax
2012-12-18 04:36 . 2012-12-18 04:36 135168 ----a-w- c:\windows\system32\muzaf1.dll
2012-12-18 04:36 . 2012-12-18 04:36 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2012-12-18 04:36 . 2012-12-18 04:36 122880 ----a-w- c:\windows\system32\muzeffect.ax
2012-12-18 04:36 . 2012-12-18 04:36 118784 ----a-w- c:\windows\system32\MaDRM.dll
2012-12-18 04:36 . 2012-12-18 04:36 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2012-12-18 04:36 . 2013-01-05 14:16 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-10-11 01:06 . 2012-02-05 06:59 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2009-11-25 19:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2009-11-25 19:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
2009-11-25 19:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2009-11-25 19:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
2009-11-25 19:47 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07 21904 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TK8 StickyNotes"="c:\program files\TK8 StickyNotes\TK8StickyNotes.exe" [2011-01-05 9212720]
"GoogleChromeAutoLaunch_4146831668FEA1F68C3484BF16391934"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-02-28 1274832]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-01-07 446648]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2013-02-09 3565432]
"Browser Infrastructure Helper"="c:\users\Krishnaa\AppData\Local\Smartbar\Application\QuickShare.exe" [2013-02-10 13824]
"uTorrent"="c:\users\Krishnaa\AppData\Roaming\uTorrent\uTorrent.exe" [2013-03-02 1051984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-02 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-02 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-02 170008]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-05-07 9210400]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-05-07 524288]
"Everything"="c:\program files\Everything\Everything.exe" [2009-03-13 602624]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-09 421888]
"NSU_agent"="c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"BoxSyncHelper"="c:\program files\Box Sync\BoxSyncHelper.exe" [2012-12-19 393216]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"PMBVolumeWatcher"="c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-11-27 739936]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Box Sync.lnk - c:\program files\Box Sync\BoxSync.exe [2012-12-19 8706560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"=hex(0):
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200449]
Ime File REG_SZ GOOGLEINPUT_TA.IME
.
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\Razer\Razer Game Booster\Driver\WinRing0.sys [x]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [x]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [x]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [x]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [x]
S0 SMR311;Symantec SMR Utility Service 3.1.1;c:\windows\System32\drivers\SMR311.SYS [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-05 04:11 1630672 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 03:37]
.
2013-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-05 07:27]
.
2013-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-05 07:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.babylon.com/?affID=112555&tt=010712_1&babsrc=HP_ss&mntrId=c023c1930000000000003860777ba906
uInternet Settings,ProxyOverride = *.local
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Krishnaa\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Krishnaa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=112555&tt=010712_1&babsrc=KW_ss&mntrId=c023c1930000000000003860777ba906&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-20 11:04; [email protected]; c:\users\Krishnaa\AppData\Roaming\IDM\idmmzcc5
FF - ExtSQL: 2013-03-01 19:10; [email protected]; c:\program files\Iminent\[email protected]
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112555&tt=010712_1
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - c023c1930000000000003860777ba906
FF - user.js: extensions.BabylonToolbar_i.hardId - c023c1930000000000003860777ba906
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15528
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:58
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-BitComet - c:\program files\BitComet\BitComet.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3205674275-2737826845-53548374-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):8d,cc,6b,74,fe,ec,18,da,47,8f,d0,8d,fb,67,c6,bf,f1,0e,36,da,96,
f3,c9,77,4d,ff,81,6b,2c,81,de,ef,16,c5,4c,23,8d,c3,b5,12,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3205674275-2737826845-53548374-1000_Classes\CLSID\{94f9a87c-0dd7-434d-b2ca-58c9cb969c41}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000027
"Therad"=dword:00000015
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-12 06:07:25
ComboFix-quarantined-files.txt 2013-03-12 00:37
.
Pre-Run: 153,462,370,304 bytes free
Post-Run: 153,207,939,072 bytes free
.
- - End Of File - - 19CB60A48700A08780C050FD07A3B249
  • 0

#27
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Run sfc /scannow again please.
  • 0

#28
Krishnaa

Krishnaa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
It still says there are corrupt files. I'm attaching the new CBS log file.

Attached Files


  • 0

#29
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
How about this issue:

Whenever I try to eject a flash drive from the system tray, nothing happens. And when I go to My Computer, select the drive and click on Eject, I get a DLL error. I'm, attaching the screenshot with this.



ComboFix's log shows other things that need changing as well.


Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

  • 0

#30
Krishnaa

Krishnaa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
Yeah, that hotplug.dll error still shows up when I try to remove any drive.

Here are the contents of AdwCleaner:

# AdwCleaner v2.114 - Logfile created 03/15/2013 at 09:49:41
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Krishnaa - KRISHNAA-PC
# Boot Mode : Normal
# Running from : C:\Users\Krishnaa\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\Users\Krishnaa\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Found : C:\Users\Krishnaa\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Found : C:\Users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default\bprotector_extensions.sqlite
File Found : C:\Users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default\searchplugins\claro.xml
File Found : C:\Users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files\SimilarSites
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\Program Files\yourfiledownloader
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\Users\Krishnaa\AppData\Local\Smartbar
Folder Found : C:\Users\Krishnaa\AppData\Local\Temp\Smartbar
Folder Found : C:\Users\Krishnaa\AppData\LocalLow\Smartbar
Folder Found : C:\Users\Krishnaa\AppData\Roaming\Babylon
Folder Found : C:\Users\Krishnaa\AppData\Roaming\Claro
Folder Found : C:\Users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default\extensions\staged
Folder Found : C:\Users\Krishnaa\AppData\Roaming\pdfforge
Folder Found : C:\Users\Krishnaa\AppData\Roaming\yourfiledownloader

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\SmartbarBackup
Key Found : HKCU\Software\SmartbarLog
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YourFileDownloader
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\Software\YourFileDownloader
Key Found : HKU\S-1-5-21-3205674275-2737826845-53548374-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=112555&tt=010712_1&babsrc=HP_ss&mntrId=c023c1930000000000003860777ba906
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=112555&tt=010712_1&babsrc=NT_ss&mntrId=c023c1930000000000003860777ba906

-\\ Mozilla Firefox v16.0.1 (en-US)

File : C:\Users\Krishnaa\AppData\Roaming\Mozilla\Firefox\Profiles\tz9gxuo2.default\prefs.js

Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112555&tt=010712_1&babsrc=NT_ss&mn[...]
Found : user_pref("browser.search.defaultenginename", "SweetIM Search");
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("browser.search.selectedEngine", "SweetIM Search");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112555&tt=010712_1");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "c023c1930000000000003860777ba906");
Found : user_pref("extensions.BabylonToolbar_i.id", "c023c1930000000000003860777ba906");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15528");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112555&tt=01071[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:58:22");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=112555&tt=010712_1&babsrc=KW_ss&mntrId=c0[...]
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "about:home");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10006&barid={4611[...]

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Krishnaa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12450 octets] - [15/03/2013 09:49:41]

########## EOF - C:\AdwCleaner[R1].txt - [12511 octets] ##########
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP