Solved IBM Desktop Probs-Malware?

kaythos · 2014/01/20

[Resolved] IBM Desktop Probs-Malware?

Referring to my thread in the Windows XP forum (IBM Desktop Performance) I will be posting the contents of the results (logs) of Malwarebytes and DDS scans in 6 separate posts. Although it is premature to say it, I am sure the scan has already fixed a lot of the poor performance - I'm keeping my fingers crossed.

kaythos

broni · 2014/01/29

Reopened.

kaythos · 2014/01/30

"broni said: ↑

Reopened.
Click to expand...

Thanks, Broni. I am posting the mbam log and will post the dds and attach logs separately. Would you please let me know when you get this one.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.19.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Kevin :: DESKTOP [administrator]

1/26/2014 10:53:36 AM
mbam-log-2014-01-26 (10-53-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 262255
Time elapsed: 2 hour(s), 18 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.

Registry Keys Detected: 62
HKCR\CLSID\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440444774418} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550455775518} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\CrossriderApp0047718.BHO.1 (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\escort.escortIEPane.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\escort.escortIEPane (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialdskBnd.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialdskBnd (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{ffbb88a9-c663-4b9b-9170-70fa0a5a2786} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\TypeLib\{B463ECD2-E5D8-4178-80C4-EC7C7E72F9AC} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Util BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\CrossriderApp0047718.BHO (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0047718.Sandbox (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0047718.Sandbox.1 (PUP.Optional.CrossRider.A) -> No action taken.
HKCU\SOFTWARE\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
HKCU\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCU\Software\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\CROSSRIDER (PUP.Optional.CrossRider.A) -> No action taken.
HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\Software\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialappCore.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialappCore (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\m (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.

Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: mysearchdial Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll ",EntryPoint -m l -> No action taken.
HKCU\Software\Crossrider|Verifier (PUP.Optional.CrossRider.A) -> Data: 8eb5965d4c0109beb24e12ae1de3b0e1 -> No action taken.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr2X2X1G1S1F2V1S2Q0V -> No action taken.

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&...FtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=) Good: (http://www.google.com) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&...FtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=) Good: (http://www.google.com) -> No action taken.

Folders Detected: 30
C:\Documents and Settings\Kevin\My Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379 (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\system32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> No action taken.
C:\Program Files\Mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0 (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\bh (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\ScorpionSaver (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me\cache (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0 (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0 (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\actions (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource (PUP.Optional.CrossRider.A) -> No action taken.

Files Detected: 174
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-bho.dll (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\BrowseSmart\BrowseSmartBHO.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Documents and Settings\Kevin\My Documents\Downloads\Updater_Setup.exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Documents and Settings\Kevin\My Documents\Downloads\AdobeAIRSetup-14320658-vffsb.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Temp\SoftwareUpdateSetup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-chromeinstaller.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-codedownloader.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-enabler.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-updater.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\Documents and Settings\Kevin\My Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Documents and Settings\Kevin\Desktop\MySearchDial.url (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> No action taken.
C:\Program Files\BrowseSmart\BrowseSmart.ico (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\BrowseSmartUninstall.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\sqlite3.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\updateBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\updateBrowseSmart.InstallState (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\sqlite3.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\utilBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\utilBrowseSmart.InstallState (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.ExtChecker.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.FFUpdate.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.GCUpdate.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.IEUpdate.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.SysChecker.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379\62.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379\80.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\47718.crx (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\47718.xpi (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\background.html (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-bg.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-buttonutil.dll (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-buttonutil.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-codedownloader.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-enabler.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-helper.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-updater.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0.ico (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Uninstall.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\utils.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\system32\WNLT\Installation\Config.bin (PUP.Optional.InstallBrain.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\uninst.dat (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\uninstall.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\ScorpionSaver\CustomActionInstall (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Program Files\ScorpionSaver\CustomActionUninstall (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Program Files\ScorpionSaver\Microsoft.Deployment.WindowsInstaller.dll (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Program Files\ScorpionSaver\Microsoft.Deployment.WindowsInstaller.xml (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Program Files\ScorpionSaver\SendJson.dll (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\background.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\cookies.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\icon.png (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\Manifest.json (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\page.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\static.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\background.html (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\crossriderManifest.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\manifest.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\popup.html (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\manifest.xml (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\47_resources_background.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\102_dealply_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\103_intext_5_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\104_jollywallet_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\105_corticas_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\108_icm_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\117_coupons_intext_ads_5_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\119_similar_web_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\120_luck_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\123_intext_adv_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\175_coolmirage_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\177_crossriderDashboard.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\178_revizer_ws_dynamic_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\179_revizer_p_dynamic_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\17_jQuery.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\180_bpo_serp_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\182_openUrl.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\183_tabsWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\184_noproblemppc_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\189_active_sanity.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\190_pops_5_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\191_ciuvo_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\194_retargeting_bi_m.js.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\195_icm_convertmedia_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\197_kreapixel_pops_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\199_superfish_no_coupons_plushd_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\19_CHAppAPIWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\1_base.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\200_foxydeal_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\204_pricedetect_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\21_debug.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\22_resources.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\28_initializer.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\125_arcadi2_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\126_revizer_ws_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\127_revizer_p_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\128_superfish_pricora_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\135_arcadi3_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\138_getdeal_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\13_CrossriderAppUtils.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\141_corticas_ru_m.js.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\142_intext_fa_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\14_CrossriderUtils.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\155_ibario_pops_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\159_cortica_rollover_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\171_arcadi2_sourceID_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\4_jquery_1_7_1.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\64_appApiMessage.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\72_appApiValidation.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\78_CrossriderInfo.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\7_hooks.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\80_CHPopupAppAPI.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\87_ginyas_wrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\91_monetizationLoader.js.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\93_superfish_no_coupons_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\97_resourceApiWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\9_search_engine_hook.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode\background.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode\extension.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon128.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon16.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon48.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\actions\1.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\background.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\main.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\chrome.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\cookie.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\message.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\pageAction.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\pageActionBG.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\app_api.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\bg_app_api.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\consts.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\cookie_store.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\crossriderAPI.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\delegate.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\events.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\extensionDataStore.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\installer.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\logFile.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\logging.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\onBGDocumentLoad.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\reports.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\storageWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\updateManager.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\util.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\xhr.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource\newPopup.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource\popup.js (PUP.Optional.CrossRider.A) -> No action taken.

(end)

broni · 2014/01/30

Your log says "No action taken ".
Re-run MBAM fix all issues and post new log.

I still need DDS logs.

kaythos · 2014/01/30

Broni:

Here are the DDS logs. I will repeat the mbam logs. However, I did select the Remove Selected button in the first run - I had presumed that this would have been sufficient, but apparently not.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.51.2
Run by Kevin at 16:52:04 on 2014-01-26
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2814.1618 [GMT -5:00]
.
AV: Norton AntiVirus *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton AntiVirus *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Norton Zone\Engine\1.1.0.4\NZ.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
C:\Program Files\Norton Zone\Engine\1.1.0.4\NZ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Mobogenie\DaemonProcess.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE
C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
C:\Program Files\Lenovo\Lenovo Mouse Suite\Pelmiced.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Mobogenie\mgusb.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.mysearchdial.com/?f=1&a=file1202&cd=2XzuyEtN2Y1L1QzutDtD0F0FzztD0AyE0ByEzz0AtCtB0BzztN0D0Tzu0SyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.msn.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://start.mysearchdial.com/?f=1&a=file1202&cd=2XzuyEtN2Y1L1QzutDtD0F0FzztD0AyE0ByEzz0AtCtB0BzztN0D0Tzu0SyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=
uProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Plus-HD-5.0: {11111111-1111-1111-1111-110411771118} - c:\program files\plus-hd-5.0\Plus-HD-5.0-bho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\21.1.0.18\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.3.124.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: mysearchdial Helper Object: {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - c:\program files\mysearchdial\1.8.21.0\bh\mysearchdial.dll
BHO: Norton Safe Web Lite BHO: {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - c:\program files\norton safe web lite\engine\1.2.0.6\CoIEPlg.dll
BHO: HP Smart Print Helper: {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - c:\program files\hewlett-packard\smart print 2.1\Espresso.dll
BHO: BrowseSmart: {ffbb88a9-c663-4b9b-9170-70fa0a5a2786} - c:\program files\browsesmart\BrowseSmartbho.dll
TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
TB: Norton Safe Web Lite: {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - c:\program files\norton safe web lite\engine\1.2.0.6\CoIEPlg.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
TB: Norton Safe Web Lite: {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - c:\program files\norton safe web lite\engine\1.2.0.6\CoIEPlg.dll
TB: mysearchdial Toolbar: {3004627E-F8E9-4E8B-909D-316753CBA923} - c:\program files\mysearchdial\1.8.21.0\mysearchdialTlbr.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\microsoft\bingbar\7.3.124.0\BingExt.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Driver Detective] c:\program files\pc drivers headquarters\driver detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [DW4] <no file>
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll "
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe "
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
mRun: [mobilegeni daemon] c:\program files\mobogenie\DaemonProcess.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [Nvtmru] "c:\program files\nvidia corporation\nvidia update core\nvtmru.exe "
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [IBMPRC] c:\ibmtools\utils\ibmprc.exe
mRun: [ibmmessages] c:\program files\ibm\messages by ibm\ibmmessages.exe
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: [Creative WebCam Tray] c:\program files\creative\shared files\CAMTRAY.EXE
mRun: [Daemon for Mouse Suite] c:\program files\lenovo\lenovo mouse suite\ICO.EXE 30
mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoThumbnailCache = dword:1
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smart print 2.1\LaunchEspresso.exe
IE: {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - c:\program files\lenovo\pkgmgr\\PkgMgr.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: desktop
DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} - hxxp://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} - hxxp://www.worldwinner.com/games/v57/wof/wof.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://usaive.ap.org/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1 75.75.76.76 75.75.75.75
TCP: Interfaces\{E24F163E-8079-418D-8F30-B2BCE082701E} : DHCPNameServer = 192.168.1.1 75.75.76.76 75.75.75.75
Notify: AtiExtEvent - <no file>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli pwdmon
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kevin\application data\mozilla\firefox\profiles\wjqb4ex1.default-1386259525234\
FF - prefs.js: browser.search.selectedEngine - Mysearchdial
FF - prefs.js: browser.startup.homepage - hxxp://start.mysearchdial.com/?f=1&a=file1202&cd=2XzuyEtN2Y1L1QzutDtD0F0FzztD0AyE0ByEzz0AtCtB0BzztN0D0Tzu0SyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=
FF - prefs.js: keyword.URL -
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\headlinealley_29\bar\1.bin\NP29Stub.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mapsgalaxy_39\bar\1.bin\NP39Stub.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\npMSDM.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-12-05 10:17; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_21.0.2.1\IPSFF
FF - ExtSQL: 2013-12-06 15:59; firefox@browsesmart.net; c:\documents and settings\kevin\application data\mozilla\firefox\profiles\wjqb4ex1.default-1386259525234\extensions\firefox@browsesmart.net.xpi
FF - ExtSQL: 2013-12-12 23:09; {ad9a41d2-9a49-4fa6-a79e-71a0785364c8}; c:\documents and settings\kevin\application data\mozilla\firefox\profiles\wjqb4ex1.default-1386259525234\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
FF - ExtSQL: 2013-12-12 23:09; ffxtlbr@mysearchdial.com; c:\documents and settings\kevin\application data\mozilla\firefox\profiles\wjqb4ex1.default-1386259525234\extensions\ffxtlbr@mysearchdial.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=file1202&cd=2XzuyEtN2Y1L1QzutDtD0F0FzztD0AyE0ByEzz0AtCtB0BzztN0D0Tzu0SyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=file1202&cd=2XzuyEtN2Y1L1QzutDtD0F0FzztD0AyE0ByEzz0AtCtB0BzztN0D0Tzu0SyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=file1202&cd=2XzuyEtN2Y1L1QzutDtD0F0FzztD0AyE0ByEzz0AtCtB0BzztN0D0Tzu0SyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=&q=
FF - user.js: extensions.mysearchdial.id - 00FF80A4B48A12B8
FF - user.js: extensions.mysearchdial.instlDay - 16051
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.017:5:50
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - file1202
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 1899743152
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1QzutDtD0F0FzztD0AyE0ByEzz0AtCtB0BzztN0D0Tzu0SyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R
FF - user.js: extensions.irmysearch.aflt - file1202
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 1899743152
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzutDtD0F0FzztD0AyE0ByEzz0AtCtB0BzztN0D0Tzu0SyBtCtBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1501000.012\symds.sys [2013-10-10 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1501000.012\symefa.sys [2013-10-10 935512]
R1 BHDrvx86;BHDrvx86;c:\program files\norton antivirus\nortondata\21.0.2.1\definitions\bashdefs\20140121.001\BHDrvx86.sys [2014-1-22 1098968]
R1 ccSet_NAV;NAV Settings Manager;c:\windows\system32\drivers\nav\1501000.012\ccsetx86.sys [2013-10-10 127064]
R1 ccSet_NZ;Norton Zone Settings Manager;c:\windows\system32\drivers\nz\0101000.004\ccsetx86.sys [2013-12-17 127064]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1501000.012\ironx86.sys [2013-10-10 206936]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-11-21 108120]
R3 IDSxpx86;IDSxpx86;c:\program files\norton antivirus\nortondata\21.0.2.1\definitions\ipsdefs\20140124.001\IDSXpx86.sys [2014-1-25 383120]
R3 NAVENG;NAVENG;c:\program files\norton antivirus\nortondata\21.0.2.1\definitions\virusdefs\20140125.005\NAVENG.SYS [2014-1-25 93272]
R3 NAVEX15;NAVEX15;c:\program files\norton antivirus\nortondata\21.0.2.1\definitions\virusdefs\20140125.005\NAVEX15.SYS [2014-1-25 1612376]
R3 P0630VID;Creative WebCam Live!;c:\windows\system32\drivers\P0630Vid.sys [2006-1-11 91830]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca0d2ccdad8f4a;Google Update Service (gupdate1ca0d2ccdad8f4a);c:\program files\google\update\GoogleUpdate.exe [2009-7-25 133104]
S2 HeadlineAlley_29Service;HeadlineAlleyService;c:\progra~1\headli~2\bar\1.bin\29barsvc.exe [2013-11-12 44752]
S2 MapsGalaxy_39Service;MapsGalaxyService;c:\progra~1\mapsga~2\bar\1.bin\39barsvc.exe [2013-10-12 44752]
S3 HPx9G+;HPx9G+; [x]
S3 ssmirrdr;ssmirrdr;c:\windows\system32\drivers\ssmirrdr.sys [2013-4-30 10112]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-11-8 13464]
.
=============== Created Last 30 ================
.
2014-01-25 21:30:06 527208 ------w- c:\windows\system32\HPDiscoPM5312.dll
2014-01-19 03:08:02 -------- d-----w- C:\Norton
2014-01-18 12:15:25 -------- d-----w- c:\documents and settings\kevin\local settings\application data\NPE
2014-01-17 21:39:04 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-01-17 21:38:21 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-12 12:03:46 -------- d-----w- c:\documents and settings\kevin\local settings\application data\Plus-HD-5.0
2014-01-10 21:25:00 -------- d-----w- c:\program files\Speccy
2014-01-09 21:58:56 -------- d-----w- c:\windows\system32\wbem\repository\FS
2014-01-09 21:58:56 -------- d-----w- c:\windows\system32\wbem\Repository
2014-01-09 20:32:40 87168 ----a-w- c:\windows\system32\drvmcdb.sys
2014-01-08 14:55:03 -------- d-----w- c:\documents and settings\kevin\local settings\application data\AOL Toolbar
2014-01-08 14:55:00 -------- d-----w- c:\documents and settings\all users\application data\AOL Toolbar
2014-01-08 14:54:11 -------- d-----w- c:\program files\common files\Software Update Utility
2014-01-08 14:54:08 -------- d-----w- c:\program files\AOL Toolbar
2014-01-04 22:41:56 -------- d-----w- c:\documents and settings\kevin\application data\DriverCure
2014-01-04 22:41:52 -------- d-----w- c:\documents and settings\kevin\application data\ParetoLogic
2014-01-04 22:40:59 -------- d-----w- c:\program files\common files\ParetoLogic
2014-01-04 22:40:47 -------- d-----w- c:\program files\ParetoLogic
2014-01-04 22:40:47 -------- d-----w- c:\documents and settings\all users\application data\ParetoLogic
2014-01-01 16:08:17 -------- d-----w- c:\documents and settings\kevin\.android
2014-01-01 16:07:57 -------- d-----w- c:\documents and settings\kevin\application data\newnext.me
2014-01-01 16:07:53 -------- d-----w- c:\documents and settings\kevin\local settings\application data\genienext
2014-01-01 16:06:15 -------- d-----w- c:\program files\Plus-HD-5.0
.
==================== Find3M ====================
.
2013-12-11 17:18:33 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 17:18:33 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-27 12:00:32 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-11-23 22:40:55 1127544 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-11-23 22:40:55 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-11-23 22:40:48 1127544 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-11-23 22:16:09 53248 -c--a-w- c:\windows\system32\CSVer.dll
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-11 16:38:53 9646080 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-11 16:38:53 9605120 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-11 16:38:53 893728 ----a-w- c:\windows\system32\nvdispgenco3233182.dll
2013-11-11 16:38:53 57344 ----a-w- c:\windows\system32\OpenCL.dll
2013-11-11 16:38:53 4083584 ----a-w- c:\windows\system32\nv4_disp.dll
2013-11-11 16:38:53 2952992 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-11 16:38:53 2747680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-11 16:38:53 2633728 ----a-w- c:\windows\system32\nvapi.dll
2013-11-11 16:38:53 22183936 ----a-w- c:\windows\system32\nvoglnt.dll
2013-11-11 16:38:53 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-11 16:38:53 12684992 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-11-11 16:38:53 1049888 ----a-w- c:\windows\system32\nvdispco3233182.dll
2013-11-11 14:31:28 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-11-11 14:31:28 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-11-11 14:31:27 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 14:31:27 15711008 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 14:31:27 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-11-08 12:02:37 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45:02 385024 ----a-w- c:\windows\system32\html.iec
2009-12-13 14:05:16 327000 ----a-w- c:\program files\InstallManager_Bing_Microsoft.exe
2009-12-07 14:09:33 13525224 -c--a-w- c:\program files\clj2500pcl6winvista2kxp2003.exe
2009-07-23 13:25:10 8117208 -c--a-w- c:\program files\Firefox Setup 3.5.1.exe
2009-06-28 13:31:16 21935408 -c--a-w- c:\program files\QuickTimeInstaller.exe
2009-04-14 15:20:44 1143656 -c--a-w- c:\program files\wlsetup-web.exe
2009-04-13 21:21:00 16883056 -c--a-w- c:\program files\IE8-WindowsXP-x86-ENU.exe
2009-03-26 20:11:01 25740144 -c--a-w- c:\program files\wmp11-windowsxp-x86-enu.exe
2009-03-07 23:12:04 1878888 -c--a-w- c:\program files\install_flash_player.exe
2009-02-28 22:45:15 23516968 ----a-w- c:\program files\SkypeSetupFull.exe
2008-08-22 22:09:39 17580000 -c--a-w- c:\program files\pse_300_enu.exe
2008-08-09 10:31:18 4891216 -c--a-w- c:\program files\Silverlight.2.0.exe
2008-06-01 20:36:59 904912 ----a-w- c:\program files\Google Updater.exe
2008-05-20 22:08:15 512984 -c--a-w- c:\program files\setup.exe
2008-05-17 21:56:34 4257184 ----a-w- c:\program files\registryboosteraff.exe
2008-01-26 03:57:37 11160320 -c--a-w- c:\program files\sz1120008.exe
2008-01-25 20:38:21 12727648 -c--a-w- c:\program files\winzip111.exe
2008-01-01 23:20:12 12438648 -c--a-w- c:\program files\ezcalendarFree.exe
2008-01-01 04:49:13 5636048 -c--a-w- c:\program files\wmvfirefoxpluginsetup.exe
2007-11-22 15:36:39 54330664 ----a-w- c:\program files\iTunes75Setup.exe
2007-10-21 22:29:48 65449972 -c--a-w- c:\program files\DesignCAD3DMax18-ESD.exe
2007-04-12 21:13:31 7718504 -c----w- c:\program files\winzip110.exe
2007-03-09 13:55:50 363816 -c----w- c:\program files\download-TurboCADDeluxe12Trial.exe.exe
2007-02-27 18:52:21 9583328 -c----w- c:\program files\DesktopDoctor1.5.4.exe
2006-12-10 02:54:56 5186048 -c----w- c:\program files\WindowsDefender.msi
.
============= FINISH: 16:54:03.93 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/10/2006 2:45:44 PM
System Uptime: 1/26/2014 6:22:18 AM (10 hours ago)
.
Motherboard: IBM | | IBM
Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz | LGA775/PSC/TJS | 3391/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 146 GiB total, 89.977 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Access IBM
Access IBM Message Center
Across Lite 2.0
Adobe AIR
Adobe AIR Free Download Packages
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX Free Download Packages
Adobe Reader XI (11.0.06)
Adobe Shockwave Player
All Pictures Screen Saver
All Screen Saver
AMD Catalyst Install Manager
Apple Application Support
Apple Software Update
ATI - Software Uninstall Utility
Bing Bar
Bonjour
BrowseSmart
Creative WebCam Center
Creative WebCam Live! Driver (1.01.01.0730)
Creative WebCam Live! User's Guide (English)
Critical Update for Windows Media Player 11 (KB959772)
DesignCAD 3D Max 16.2
DesignCAD 3D Max 18
Desktop Doctor
Disketch Disc Label Software
Driver Detective
File Type Assistant
Firefox Free Download Packages
Get Yahoo! Messenger
Google Chrome
Google Earth
Google Earth Free Download Packages
Google Toolbar for Internet Explorer
Google Update Helper
Google+ Auto Backup
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP 15C Emulator
HP Calculator Manager 1.1.5
HP Officejet Pro 8500 A910 Basic Device Software
HP Officejet Pro 8500 A910 Help
HP Officejet Pro 8500 A910 Product Improvement Study
HP Smart Print 2.1
HP Update
HPDiagnosticCoreDll
HPSSupply
HSF2014 56K Data Fax Modem
I.R.I.S. OCR
IBM 32-bit Runtime Environment for Java 2, v1.4.2
IBM DLA
IBM RecordNow!
IBM Rescue and Recovery with Rapid Restore
IBM Themes
InterVideo WinDVD
InterVideo WinDVD Creator
InterVideo WinDVD Creator 3
Java 7 Update 51
Java Auto Updater
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client
Junk Mail filter update
Lenovo Battery Program
Lenovo Mouse Suite
LiveUpdate (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Lizardtech Express View
Malwarebytes Anti-Malware version 1.75.0.1300
Marketsplash Shortcuts
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Download Manager
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Professional
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mobogenie
MotoCalc 8.07
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Mysearchdial
Norton AntiVirus
Norton Safe Web Lite
Norton Security Scan
Norton Zone
NVIDIA Control Panel 331.82
NVIDIA GeForce Experience 1.7.1
NVIDIA Graphics Driver 331.82
NVIDIA Install Application
NVIDIA nView 140.84
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA Update 9.3.21
NVIDIA Update Components
PC-Doctor for Windows
PhotoPad Image Editor
Pixillion Image Converter
Plus-HD-5.0
Profili 2
QuickTime
Random House Webster's Unabridged Dictionary
RegCure Pro
Rhapsody Player Engine
Savings Bond Wizard
ScorpionSaver
ScorpionSaver Services
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
ShareIns
Shop for HP Supplies
Software Installer
Sonic Update Manager
SoundMAX
Speccy
Symantec KB-DocID:2003093015493306
Symantec Technical Support Web Controls
System Update
TBS WMP Plug-in
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2808679)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewings Screen Saver
Wallpapers
WD Diagnostics
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Imaging Component
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
Xfinity Signature Support Solutions Toolkit
XPS Essentials Pack
XPS Essentials Pack 1.0
.
==== End Of File ===========================

kaythos · 2014/01/30

Broni;

Here is the re-run log for mbam. Hope this one is OK.

kaythos

kaythos · 2014/01/30

Sorry,

Try again.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.30.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Kevin :: DESKTOP [administrator]

1/30/2014 4:57:48 PM
mbam-log-2014-01-30 (16-57-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 262357
Time elapsed: 2 hour(s), 22 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.

Registry Keys Detected: 62
HKLM\SYSTEM\CurrentControlSet\Services\Util BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440444774418} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550455775518} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\CrossriderApp0047718.BHO.1 (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\escort.escortIEPane.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\escort.escortIEPane (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{ffbb88a9-c663-4b9b-9170-70fa0a5a2786} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\TypeLib\{b463ecd2-e5d8-4178-80c4-ec7c7e72f9ac} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786} (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialdskBnd.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialdskBnd (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCR\CrossriderApp0047718.BHO (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0047718.Sandbox (PUP.Optional.CrossRider.A) -> No action taken.
HKCR\CrossriderApp0047718.Sandbox.1 (PUP.Optional.CrossRider.A) -> No action taken.
HKCU\SOFTWARE\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
HKCU\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKCU\Software\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\CROSSRIDER (PUP.Optional.CrossRider.A) -> No action taken.
HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\Software\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
HKCR\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialappCore.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialappCore (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\m (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.

Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: mysearchdial Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll ",EntryPoint -m l -> No action taken.
HKCU\Software\Crossrider|Verifier (PUP.Optional.CrossRider.A) -> Data: 8eb5965d4c0109beb24e12ae1de3b0e1 -> No action taken.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr2X2X1G1S1F2V1S2Q0V -> No action taken.

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&...FtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=) Good: (http://www.google.com) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&...FtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=) Good: (http://www.google.com) -> No action taken.

Folders Detected: 30
C:\Documents and Settings\Kevin\My Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files\BrowseSmart (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379 (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\system32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> No action taken.
C:\Program Files\Mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0 (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\bh (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\ScorpionSaver (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me\cache (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0 (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0 (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\actions (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource (PUP.Optional.CrossRider.A) -> No action taken.

Files Detected: 174
C:\Program Files\BrowseSmart\bin\utilBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\updateBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-bho.dll (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\BrowseSmart\BrowseSmartBHO.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\My Documents\Downloads\Updater_Setup.exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Documents and Settings\Kevin\My Documents\Downloads\AdobeAIRSetup-14320658-vffsb.exe (PUP.Optional.TSA) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Temp\SoftwareUpdateSetup.exe (PUP.Optional.TSA) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-chromeinstaller.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-codedownloader.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-enabler.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\Tasks\Plus-HD-5.0-updater.job (PUP.Optional.PlusHD.A) -> No action taken.
C:\Documents and Settings\Kevin\My Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Documents and Settings\Kevin\Desktop\MySearchDial.url (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> No action taken.
C:\Program Files\BrowseSmart\BrowseSmart.ico (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\BrowseSmartUninstall.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\sqlite3.exe (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\updateBrowseSmart.InstallState (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\sqlite3.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\utilBrowseSmart.InstallState (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.ExtChecker.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.FFUpdate.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.GCUpdate.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.IEUpdate.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.SysChecker.dll (PUP.Optional.BrowseSmart.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379\62.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379\80.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\47718.crx (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\47718.xpi (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\background.html (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-bg.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-buttonutil.dll (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-buttonutil.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-codedownloader.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-enabler.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-helper.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-updater.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0.ico (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\Uninstall.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\Program Files\Plus-HD-5.0\utils.exe (PUP.Optional.PlusHD.A) -> No action taken.
C:\WINDOWS\system32\WNLT\Installation\Config.bin (PUP.Optional.InstallBrain.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\uninst.dat (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.21.0\uninstall.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\ScorpionSaver\CustomActionInstall (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Program Files\ScorpionSaver\CustomActionUninstall (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Program Files\ScorpionSaver\Microsoft.Deployment.WindowsInstaller.dll (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Program Files\ScorpionSaver\Microsoft.Deployment.WindowsInstaller.xml (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Program Files\ScorpionSaver\SendJson.dll (PUP.Optional.ScorpionSaver) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Application Data\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\background.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\cookies.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\icon.png (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\Manifest.json (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\page.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\static.js (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\background.html (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\crossriderManifest.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\manifest.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\popup.html (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\manifest.xml (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\47_resources_background.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\102_dealply_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\103_intext_5_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\104_jollywallet_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\105_corticas_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\108_icm_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\117_coupons_intext_ads_5_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\119_similar_web_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\120_luck_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\123_intext_adv_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\175_coolmirage_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\177_crossriderDashboard.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\178_revizer_ws_dynamic_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\179_revizer_p_dynamic_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\17_jQuery.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\180_bpo_serp_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\182_openUrl.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\183_tabsWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\184_noproblemppc_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\189_active_sanity.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\190_pops_5_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\191_ciuvo_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\194_retargeting_bi_m.js.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\195_icm_convertmedia_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\197_kreapixel_pops_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\199_superfish_no_coupons_plushd_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\19_CHAppAPIWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\1_base.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\200_foxydeal_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\204_pricedetect_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\21_debug.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\22_resources.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\28_initializer.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\125_arcadi2_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\126_revizer_ws_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\127_revizer_p_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\128_superfish_pricora_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\135_arcadi3_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\138_getdeal_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\13_CrossriderAppUtils.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\141_corticas_ru_m.js.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\142_intext_fa_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\14_CrossriderUtils.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\155_ibario_pops_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\159_cortica_rollover_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\171_arcadi2_sourceID_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\4_jquery_1_7_1.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\64_appApiMessage.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\72_appApiValidation.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\78_CrossriderInfo.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\7_hooks.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\80_CHPopupAppAPI.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\87_ginyas_wrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\91_monetizationLoader.js.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\93_superfish_no_coupons_m.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\97_resourceApiWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\9_search_engine_hook.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode\background.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode\extension.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon128.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon16.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon48.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\actions\1.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\background.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\main.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\chrome.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\cookie.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\message.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\pageAction.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\pageActionBG.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\app_api.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\bg_app_api.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\consts.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\cookie_store.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\crossriderAPI.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\delegate.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\events.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\extensionDataStore.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\installer.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\logFile.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\logging.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\onBGDocumentLoad.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\reports.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\storageWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\updateManager.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\util.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\xhr.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource\newPopup.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource\popup.js (PUP.Optional.CrossRider.A) -> No action taken.

(end)

broni · 2014/01/30

No. It still says "No action taken ".
Please re-read how to run MBAM.

kaythos · 2014/01/31

As they say, when all else fails, read the instructions!

Here is the new mbam log.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.31.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Kevin :: DESKTOP [administrator]

1/31/2014 10:24:52 AM
mbam-log-2014-01-31 (10-24-52).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 262106
Time elapsed: 1 hour(s), 55 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.

Registry Keys Detected: 62
HKLM\SYSTEM\CurrentControlSet\Services\Util BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440444774418} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550455775518} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0047718.BHO.1 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411771118} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{ffbb88a9-c663-4b9b-9170-70fa0a5a2786} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{b463ecd2-e5d8-4178-80c4-ec7c7e72f9ac} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786} (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialdskBnd.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialdskBnd (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0047718.BHO (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0047718.Sandbox (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0047718.Sandbox.1 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCU\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKCU\Software\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\Software\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\Software\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialappCore.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\mysearchdial.mysearchdialappCore (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\m (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

Registry Values Detected: 5
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: mysearchdial Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll ",EntryPoint -m l -> Quarantined and deleted successfully.
HKCU\Software\Crossrider|Verifier (PUP.Optional.CrossRider.A) -> Data: 8eb5965d4c0109beb24e12ae1de3b0e1 -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr2X2X1G1S1F2V1S2Q0V -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&...FtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&...FtCtAyBzytN1L1CzutCyD1B1P1R&cr=1899743152&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 30
C:\Documents and Settings\Kevin\My Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin\plugins (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\bh (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\ScorpionSaver (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\newnext.me (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\Documents and Settings\Kevin\Application Data\newnext.me\cache (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0 (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Plus-HD-5.0 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\actions (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.

Files Detected: 166
C:\Program Files\BrowseSmart\bin\utilBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\updateBrowseSmart.exe (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
c:\program files\plus-hd-5.0\plus-hd-5.0-bho.dll (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\BrowseSmartBHO.dll (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\My Documents\Downloads\Updater_Setup.exe (PUP.Optional.OptimumInstaller.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\My Documents\Downloads\AdobeAIRSetup-14320658-vffsb.exe (PUP.Optional.TSA) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Temp\SoftwareUpdateSetup.exe (PUP.Optional.TSA) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\Plus-HD-5.0-chromeinstaller.job (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\My Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Desktop\MySearchDial.url (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\BrowseSmart.ico (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\BrowseSmartUninstall.exe (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\sqlite3.exe (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\updateBrowseSmart.InstallState (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin\sqlite3.dll (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin\utilBrowseSmart.InstallState (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.ExtChecker.dll (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.FFUpdate.dll (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.GCUpdate.dll (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.IEUpdate.dll (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Program Files\BrowseSmart\bin\plugins\BrowseSmart.SysChecker.dll (PUP.Optional.BrowseSmart.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379\62.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\icons_2.2.14.1379\80.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\47718.crx (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\47718.xpi (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\background.html (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-bg.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-buttonutil.dll (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-buttonutil.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0-helper.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\Plus-HD-5.0.ico (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\Uninstall.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files\Plus-HD-5.0\utils.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WNLT\Installation\Config.bin (PUP.Optional.InstallBrain.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\uninst.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\Mysearchdial\1.8.21.0\uninstall.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Program Files\ScorpionSaver\CustomActionInstall (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\Program Files\ScorpionSaver\CustomActionUninstall (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\Program Files\ScorpionSaver\Microsoft.Deployment.WindowsInstaller.dll (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\Program Files\ScorpionSaver\Microsoft.Deployment.WindowsInstaller.xml (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\Program Files\ScorpionSaver\SendJson.dll (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Application Data\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\background.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\cookies.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\icon.png (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\Manifest.json (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\page.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\static.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\background.html (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\crossriderManifest.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\manifest.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\popup.html (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\manifest.xml (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\47_resources_background.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\102_dealply_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\103_intext_5_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\104_jollywallet_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\105_corticas_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\108_icm_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\117_coupons_intext_ads_5_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\119_similar_web_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\120_luck_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\123_intext_adv_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\175_coolmirage_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\177_crossriderDashboard.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\178_revizer_ws_dynamic_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\179_revizer_p_dynamic_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\17_jQuery.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\180_bpo_serp_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\182_openUrl.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\183_tabsWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\184_noproblemppc_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\189_active_sanity.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\190_pops_5_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\191_ciuvo_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\194_retargeting_bi_m.js.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\195_icm_convertmedia_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\197_kreapixel_pops_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\199_superfish_no_coupons_plushd_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\19_CHAppAPIWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\1_base.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\200_foxydeal_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\204_pricedetect_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\21_debug.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\22_resources.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\28_initializer.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\125_arcadi2_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\126_revizer_ws_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\127_revizer_p_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\128_superfish_pricora_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\135_arcadi3_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\138_getdeal_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\13_CrossriderAppUtils.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\141_corticas_ru_m.js.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\142_intext_fa_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\14_CrossriderUtils.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\155_ibario_pops_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\159_cortica_rollover_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\171_arcadi2_sourceID_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\4_jquery_1_7_1.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\64_appApiMessage.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\72_appApiValidation.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\78_CrossriderInfo.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\7_hooks.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\80_CHPopupAppAPI.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\87_ginyas_wrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\91_monetizationLoader.js.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\93_superfish_no_coupons_m.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\97_resourceApiWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\plugins\9_search_engine_hook.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode\background.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\extensionData\userCode\extension.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon128.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon16.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\icon48.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\icons\actions\1.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\background.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\main.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\chrome.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\cookie.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\message.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\pageAction.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api\pageActionBG.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\app_api.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\bg_app_api.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\consts.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\cookie_store.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\crossriderAPI.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\delegate.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\events.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\extensionDataStore.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\installer.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\logFile.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\logging.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\onBGDocumentLoad.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\reports.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\storageWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\updateManager.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\util.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\xhr.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource\newPopup.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource\popup.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.

(end)

broni · 2014/01/31

Good

Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.

Close all the running programs

Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator

Otherwise just double-click on RogueKiller.exe

Pre-scan will start. Let it finish.

Click on SCAN button.

Wait until the Status box shows Scan Finished

Click on Delete.

Wait until the Status box shows Deleting Finished.

Click on Report and copy/paste the content of the Notepad into your next reply.

RKreport.txt could also be found on your desktop.

If more than one log is produced post all logs.

If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) from HERE

Unzip downloaded file.

Open the folder where the contents were unzipped and run mbar.exe

Follow the instructions in the wizard to update and allow the program to scan your computer for threats.

Click on the Cleanup button to remove any threats and reboot if prompted to do so.

Wait while the system shuts down and the cleanup process is performed.

Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.

When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

kaythos · 2014/02/02

Hi Broni;

Here are the logs for PKreport and mbam-log. The following 2 posts will contain system-log. MBAM took over 12 hrs to finish and said there were no threats!

Here goes;

RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Kevin [Admin rights]
Mode : Scan -- Date : 02/01/2014 10:57:40
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V1][SUSP PATH] At1.job : C:\DOCUME~1\Kevin\APPLIC~1\MYSEAR~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Address] SSDT[12] : NtAlertResumeThread @ 0x805D4C0C -> HOOKED (Unknown @ 0x8A633D30)
[Address] SSDT[13] : NtAlertThread @ 0x805D4BBC -> HOOKED (Unknown @ 0x8A633DC8)
[Address] SSDT[17] : NtAllocateVirtualMemory @ 0x805A8AEE -> HOOKED (Unknown @ 0x8A68E5D8)
[Address] SSDT[19] : NtAssignProcessToJobObject @ 0x805D66D0 -> HOOKED (Unknown @ 0x8A6337A8)
[Address] SSDT[31] : NtConnectPort @ 0x805A4604 -> HOOKED (Unknown @ 0x8AB0C5C8)
[Address] SSDT[43] : NtCreateMutant @ 0x80617822 -> HOOKED (Unknown @ 0x8A633B58)
[Address] SSDT[52] : NtCreateSymbolicLinkObject @ 0x805C3A2E -> HOOKED (Unknown @ 0x8A633658)
[Address] SSDT[53] : NtCreateThread @ 0x805D1068 -> HOOKED (Unknown @ 0x8A88AE28)
[Address] SSDT[57] : NtDebugActiveProcess @ 0x80643CB2 -> HOOKED (Unknown @ 0x8A633840)
[Address] SSDT[68] : NtDuplicateObject @ 0x805BE03C -> HOOKED (Unknown @ 0x8A68E718)
[Address] SSDT[83] : NtFreeVirtualMemory @ 0x805B2FE6 -> HOOKED (Unknown @ 0x8A68E468)
[Address] SSDT[89] : NtImpersonateAnonymousToken @ 0x805F9362 -> HOOKED (Unknown @ 0x8A633C00)
[Address] SSDT[91] : NtImpersonateThread @ 0x805D7890 -> HOOKED (Unknown @ 0x8A633C98)
[Address] SSDT[97] : NtLoadDriver @ 0x80584172 -> HOOKED (Unknown @ 0x8AB53540)
[Address] SSDT[108] : NtMapViewOfSection @ 0x805B206E -> HOOKED (Unknown @ 0x8A8208E8)
[Address] SSDT[114] : NtOpenEvent @ 0x8060F1E0 -> HOOKED (Unknown @ 0x8A633AC0)
[Address] SSDT[122] : NtOpenProcess @ 0x805CB486 -> HOOKED (Unknown @ 0x8A68F298)
[Address] SSDT[123] : NtOpenProcessToken @ 0x805EE030 -> HOOKED (Unknown @ 0x8A68E680)
[Address] SSDT[125] : NtOpenSection @ 0x805AA420 -> HOOKED (Unknown @ 0x8A633990)
[Address] SSDT[128] : NtOpenThread @ 0x805CB712 -> HOOKED (Unknown @ 0x8A68E7A0)
[Address] SSDT[137] : NtProtectVirtualMemory @ 0x805B8452 -> HOOKED (Unknown @ 0x8A633700)
[Address] SSDT[206] : NtResumeThread @ 0x805D4A48 -> HOOKED (Unknown @ 0x8A633E60)
[Address] SSDT[213] : NtSetContextThread @ 0x805D2C4A -> HOOKED (Unknown @ 0x8A68E230)
[Address] SSDT[228] : NtSetInformationProcess @ 0x805CDED0 -> HOOKED (Unknown @ 0x8A68E2C8)
[Address] SSDT[240] : NtSetSystemInformation @ 0x8060FE98 -> HOOKED (Unknown @ 0x8A6338D8)
[Address] SSDT[253] : NtSuspendProcess @ 0x805D4B10 -> HOOKED (Unknown @ 0x8A633A28)
[Address] SSDT[254] : NtSuspendThread @ 0x805D4982 -> HOOKED (Unknown @ 0x8A633EF8)
[Address] SSDT[257] : NtTerminateProcess @ 0x805D2308 -> HOOKED (Unknown @ 0x8A63A008)
[Address] SSDT[258] : NtTerminateThread @ 0x805D2502 -> HOOKED (Unknown @ 0x8A633F90)
[Address] SSDT[267] : NtUnmapViewOfSection @ 0x805B2E7C -> HOOKED (Unknown @ 0x8A68E370)
[Address] SSDT[277] : NtWriteVirtualMemory @ 0x805B4400 -> HOOKED (Unknown @ 0x8A68E510)
[Address] Shadow SSDT[307] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x8A69C0A8)
[Address] Shadow SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x8A8ABAD8)
[Address] Shadow SSDT[414] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x89F3B8F8)
[Address] Shadow SSDT[416] : NtUserGetKeyState -> HOOKED (Unknown @ 0x8A8809B8)
[Address] Shadow SSDT[428] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x8A878840)
[Address] Shadow SSDT[460] : NtUserMessageCall -> HOOKED (Unknown @ 0x8A880840)
[Address] Shadow SSDT[475] : NtUserPostMessage -> HOOKED (Unknown @ 0x8A87D8E8)
[Address] Shadow SSDT[476] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x8A9570C0)
[Address] Shadow SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8A87B840)
[Address] Shadow SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8A52E0E0)
[Inline] EAT @firefox.exe (NtMapViewOfSection) : ntdll.dll -> HOOKED (Unknown @ 0x078D0048)
[Inline] EAT @firefox.exe (NtSetInformationProcess) : ntdll.dll -> HOOKED (Unknown @ 0x078D012A)
[Inline] EAT @firefox.exe (ZwMapViewOfSection) : ntdll.dll -> HOOKED (Unknown @ 0x078D0048)
[Inline] EAT @firefox.exe (ZwSetInformationProcess) : ntdll.dll -> HOOKED (Unknown @ 0x078D012A)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3160023AS 40Y8752LEN +++++
--- User ---
[MBR] 775abbb8c521dbc99a5c621fdb78e345
[BSP] bec834699c64a6e1062203a48c385e09 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 148993 Mo
1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 305138610 | Size: 3631 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02012014_105740.txt >>

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.01.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
:: DESKTOP [administrator]

2/1/2014 12:00:03 PM
mbar-log-2014-02-01 (12-00-03).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 268185
Time elapsed: 12 hour(s), 17 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

kaythos · 2014/02/02

Here is the big one (in 2 posts)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.391000 GHz
Memory total: 2951196672, free: 1572712448

Downloaded database version: v2014.02.01.05
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
02/01/2014 11:57:10
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
SYMDS.SYS
sr.sys
SYMEFA.SYS
drvmcdb.sys
PxHelp20.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
Mup.sys
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nv4_mini.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\b57xp32.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HSFHWBS2.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\HSF_DP.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\drivers\smwdm.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\aeaudio.sys
\SystemRoot\system32\drivers\senfilt.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\iviaspi.sys
\SystemRoot\system32\drivers\pfc.sys
\SystemRoot\system32\drivers\sscdbhk5.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\dsNcAdpt.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\psadd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\i2omgmt.SYS
\SystemRoot\system32\drivers\NAV\1501000.012\ccSetx86.sys
\SystemRoot\system32\drivers\NZ\0101000.004\ccSetx86.sys
\SystemRoot\system32\drivers\NAV\1501000.012\Ironx86.SYS
\SystemRoot\system32\DRIVERS\P0630Vid.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\P0630EVX.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\drivers\ssrtln.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\System32\Drivers\NAV\1501000.012\SYMTDI.SYS
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\system32\DRIVERS\pelusblf.sys
\SystemRoot\system32\DRIVERS\pelmouse.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\drivers\NAV\1501000.012\SRTSPX.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\??\C:\Program Files\Norton AntiVirus\NortonData\21.0.2.1\Definitions\BASHDefs\20140121.001\BHDrvx86.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\nv4_disp.dll
\SystemRoot\system32\drivers\drvnddm.sys
\SystemRoot\system32\dla\tfsndres.sys
\SystemRoot\system32\dla\tfsnifs.sys
\SystemRoot\system32\dla\tfsnopio.sys
\SystemRoot\system32\dla\tfsnpool.sys
\SystemRoot\system32\dla\tfsnboio.sys
\SystemRoot\system32\dla\tfsncofs.sys
\SystemRoot\system32\dla\tfsndrct.sys
\SystemRoot\system32\dla\tfsnudf.sys
\SystemRoot\system32\dla\tfsnudfa.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS
\SystemRoot\System32\Drivers\HTTP.sys
\??\c:\WINDOWS\system32\drivers\ibmfilter.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS
\??\C:\WINDOWS\system32\drivers\symlcbrd.sys
\SystemRoot\System32\Drivers\TDTCP.SYS
\SystemRoot\System32\Drivers\RDPWD.SYS
\SystemRoot\System32\Drivers\NAV\1501000.012\SRTSP.SYS
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\??\C:\Program Files\Norton AntiVirus\NortonData\21.0.2.1\Definitions\VirusDefs\20140131.002\NAVEX15.SYS
\??\C:\Program Files\Norton AntiVirus\NortonData\21.0.2.1\Definitions\VirusDefs\20140131.002\NAVENG.SYS
\??\C:\Program Files\Norton AntiVirus\NortonData\21.0.2.1\Definitions\IPSDefs\20140131.001\IDSxpx86.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8ad81ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff8ad2ed98
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8ad81ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8ad24930, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8ad81ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8ad25f18, DeviceName: \Device\00000078\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8ad2ed98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Read File: File "C:\WINDOWS\system32\drivers\sysaudio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sysaudio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tape.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tape.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tcpip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tcpip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tcpip6.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tcpip6.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tdi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tdi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tdpipe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tdpipe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tdtcp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tdtcp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\termdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\termdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tosdvd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tosdvd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\toside.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\toside.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tsbvcap.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tsbvcap.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\tunmp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\tunmp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\uagp35.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\uagp35.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\udfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\udfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ultra.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ultra.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\update.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\update.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usbcamd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbcamd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ipinip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ipinip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ipnat.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ipnat.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ipsec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ipsec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\irenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\irenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\isapnp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\iviaspi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\iviaspi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\kbdclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\kmixer.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\kmixer.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ksecdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ksecdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mcd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mcd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mdmxsdk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mdmxsdk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mf.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mf.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\MidiSyn.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\MidiSyn.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mnmdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mnmdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\modem.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\modem.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mouclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\psched.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\psched.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ptilink.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ptilink.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pxhelp20.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pxhelp20.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ql1080.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ql1080.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ql10wnt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ql10wnt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ql12160.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ql12160.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ql1240.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ql1240.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ql1280.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ql1280.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rasacd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rasacd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rasl2tp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rasl2tp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\raspppoe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\raspppoe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\raspptp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\raspptp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\raspti.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\raspti.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rawwan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rawwan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rdbss.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rdbss.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rdpcdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rdpcdd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rdpdr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rdpdr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rdpwd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rdpwd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\recagent.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\recagent.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\redbook.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\redbook.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rfcomm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rfcomm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cdfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cdfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cdr4_xp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cdr4_xp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cdralw2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cdralw2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cdrom.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ch7xxnt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ch7xxnt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cinemst2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cinemst2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\classpnp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\classpnp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cmdide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cmdide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cpqarray.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cpqarray.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cpqdap01.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cpqdap01.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\crusoe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\crusoe.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cxthsfs2.cty" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cxthsfs2.cty" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dac2w2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dac2w2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dac960nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dac960nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\diskdump.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\diskdump.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dmboot.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dmboot.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dmio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dmio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dmload.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dmload.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dmusic.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dmusic.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dot4.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dot4.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\Dot4Prt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\Dot4Prt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dpti2o.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dpti2o.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\drmkaud.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\drvmcdb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drvmcdb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\drvnddm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\drvnddm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dsNcAdpt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dsNcAdpt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dxapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dxapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\dxgthk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\dxgthk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\e100b325.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\e100b325.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\splitter.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\splitter.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\srv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\srv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sscdbhk5.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sscdbhk5.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ssrtln.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ssrtln.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\streamip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\streamip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\swmidi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\swmidi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\symc810.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\symc810.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\symc8xx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\symc8xx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\symlcbrd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\symlcbrd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sym_hi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sym_hi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\asc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\asc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinbtxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinbtxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv01nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atv01nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cdaudio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cdaudio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hsfbs2s2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hsfbs2s2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ipfltdrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ipfltdrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mouhid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\oprghdlr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\oprghdlr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\psasrv.exe" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\psasrv.exe" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rio8drv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rio8drv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sparrow.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sparrow.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sym_u3.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sym_u3.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usbcamd2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbcamd2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ndis.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ndis.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ndisip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ndisip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ndistapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ndistapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ndisuio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ndisuio.sys" is compressed (flags = 1)

kaythos · 2014/02/02

This is the last part of system-log.

Read File: File "C:\WINDOWS\SYSTEM32\drivers\ndisuio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ndiswan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ndiswan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\netbios.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\netbios.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\netbt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\netbt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\netwlan5.img" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\netwlan5.img" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nikedrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nikedrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nmnt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nmnt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\npfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\npfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ntfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ntfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ntmtlfax.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ntmtlfax.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\null.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\null.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nwlnkflt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nwlnkflt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nwlnkfwd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nwlnkfwd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nwlnkipx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nwlnkipx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nwlnknb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nwlnknb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nwlnkspx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nwlnkspx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nwrdr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nwrdr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\asc3350p.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\asc3350p.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\asc3550.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\asc3550.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\asyncmac.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\asyncmac.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1btxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1btxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1mdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1mdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1pdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1pdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1raxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1raxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1rvxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1rvxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1snxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1snxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1ttxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1ttxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1tuxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1tuxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1xbxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1xbxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati1xsxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati1xsxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ati2mtaa.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ati2mtaa.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\fastfat.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\fastfat.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\fdc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\fips.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\fips.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\flpydisk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\fltmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\fltmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\fsvga.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\fsvga.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\fs_rec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\fs_rec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ftdisk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ftdisk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\gagp30kx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\gagp30kx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\gm.dls" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\gm.dls" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\gmreadme.txt" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\gmreadme.txt" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hdaudbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hidbth.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hidir.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hidir.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hpn.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hpn.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hppaufd0.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hppaufd0.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\HPx9G2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\HPx9G2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hsf2002.cty" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hsf2002.cty" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\riodrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\riodrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rmcast.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rmcast.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rndismp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rndismp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rndismpx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rndismpx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\rootmdm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\rootmdm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\s3gnbm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\s3gnbm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\scsiport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\scsiport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\secdrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\secdrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\serenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\serial.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\serscan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\serscan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sffdisk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sffdisk.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sffp_mmc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sffp_mmc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sffp_sd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sffp_sd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sfloppy.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\siint5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\siint5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sisagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sisagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\slip.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slnt7554.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\slnt7554.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slntamr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\slntamr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slnthal.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\slnthal.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\slwdmsup.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\slwdmsup.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\smbali.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\smbali.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\smclib.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\smclib.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\sonydcam.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\sonydcam.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\P0630Evx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\P0630Evx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\P0630Vid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\P0630Vid.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\p3.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\p3.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\parport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\partmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\partmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\parvdm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\parvdm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\PcdrNdisuio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\PcdrNdisuio.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\PcdrNt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\PcdrNt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pcdrsrvc.pkms" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pcdrsrvc.pkms" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pciide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pciidex.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pcmcia.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\perc2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\perc2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\perc2hib.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\perc2hib.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\pfc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\pfc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\PMEMNT.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\PMEMNT.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\processr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\psadd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\psadd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ABP480N5.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ABP480N5.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ac97intc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ac97intc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\acpi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\acpiec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\acpiec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adpu160m.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\adpu160m.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv01nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\adv01nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv02nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\adv02nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv05nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\adv05nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv07nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\adv07nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv08nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\adv08nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv09nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\adv09nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\adv11nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\adv11nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\aec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\aec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\afd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\afd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\agp440.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\agp440.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\agpcpq.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\agpcpq.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\aha154x.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\aha154x.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\aic78u2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\aic78u2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\aic78xx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\aic78xx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ALCXWDM.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ALCXWDM.SYS" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\aliide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\aliide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\alim1541.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\alim1541.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\amdagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\amdagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\amdk6.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\amdk6.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\amdk7.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\amdk7.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\amsint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\amsint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usbintel.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbintel.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\usbuhci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\vchnt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vchnt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\vdmindvd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vdmindvd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\vga.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\vga.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\viaagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\viaagp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\viaide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\viaide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\videoprt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\videoprt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wacompen.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv07nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wadv07nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv08nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wadv08nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv09nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wadv09nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wadv11nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wadv11nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wanarp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wanarp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\watv06nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\watv06nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\watv10nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\watv10nt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wdmaud.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wdmaud.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wmilib.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wmilib.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wpdusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wpdusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ws2ifsl.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ws2ifsl.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\wstcodec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\wstcodec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\WudfPf.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\WudfPf.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\WudfRd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\WudfRd.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hsfcxts2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hsfcxts2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\hsfdpsp2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\hsfdpsp2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\HSFHWBS2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\HSFHWBS2.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\HSF_CNXT.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\HSF_CNXT.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\HSF_DP.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\HSF_DP.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\http.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\http.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\i2omgmt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\i2omgmt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\i2omp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\i2omp.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\i8042prt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ibmfilter.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ibmfilter.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\IBM_8122_55U.MRK" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\IBM_8122_55U.MRK" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\imapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\imapi.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ini910u.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ini910u.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\intelide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\intelide.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\intelppm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ip6fw.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ip6fw.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv02nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atv02nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv04nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atv04nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv06nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atv06nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atv10nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atv10nt5.dll" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\beep.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\beep.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bridge.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bridge.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bthenum.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthmodem.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthpan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bthpan.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bthport.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthprint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bthprint.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\bthusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\bthusb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cbidf2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cbidf2k.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ccdecode.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ccdecode.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\cd20xrnt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\cd20xrnt.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinmdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinmdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinpdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinpdxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinraxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinraxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinrvxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinrvxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinsnxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinsnxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinttxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinttxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atintuxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atintuxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinxbxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinxbxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atinxsxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atinxsxx.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\ativmc20.cod" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\ativmc20.cod" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atmarpc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atmarpc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atmepvc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atmepvc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atmlane.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atmlane.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\atmuni.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\atmuni.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mountmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mountmgr.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mqac.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mqac.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mraid35x.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mraid35x.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mrxdav.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mrxdav.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mrxsmb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mrxsmb.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\msfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msfs.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\msgpc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\msgpc.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mskssrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mskssrv.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mspclock.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mspclock.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mspqm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mspqm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mssmbios.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mstee.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mstee.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mtlmnt5.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mtlmnt5.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mtlstrm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mtxparhm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mtxparhm.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mup.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mup.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\mutohpen.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\mutohpen.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\system32\drivers\nabtsfec.sys" is compressed (flags = 1)
Read File: File "C:\WINDOWS\SYSTEM32\drivers\nabtsfec.sys" is compressed (flags = 1)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: CCCDCCCD

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 305138547
Partition file system is NTFS
Partition is bootable

Partition 1 type is Other (0x12)
Partition is NOT ACTIVE.
Partition starts at LBA: 305138610 Numsec = 7438095

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 160041885696 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-312561808-312581808)...
Done!
Read File: File "C:\Documents and Settings\All Users\DRM\drmstore.hds" is compressed (flags = 1)
Read File: File "C:\WINDOWS\WindowsUpdate.log" is compressed (flags = 1)
Read File: File "C:\WINDOWS\wiadebug.log" is compressed (flags = 1)
Read File: File "C:\WINDOWS\wiaservc.log" is compressed (flags = 1)
Scan finished
=======================================

Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

broni · 2014/02/02

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Never rename Combofix unless instructed.

Close any open browsers.

Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results ".

Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

Close any open browsers.

WARNING: Combofix will disconnect your machine from the Internet as soon as it starts

Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.

If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
If the connection is not there use restore point you created prior to running Combofix.

Double click on combofix.exe & follow the prompts.

NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.

When finished, it will produce a report for you.

Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results ". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: http://www.appremover.com/
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

Double-click on the Rkill desktop icon to run the tool.

If using Vista or Windows 7 right-click on it and choose Run As Administrator.

A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.

If not, delete the file, then download and use the one provided in Link 2.

Do not reboot until instructed.

If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

broni · 2014/02/07

Still with me?

kaythos · 2014/02/08

Broni;

I am still here but am severely handicapped by the slowness of my machine.

Did you get the combofix logs I sent earlier this week? If not will try again. I will make it in three parts instead of two

kaythos

broni · 2014/02/08

No Combofix log.

kaythos · 2014/02/08

Broni;

Here is the first part. Let me know if you get it please

ComboFix 14-02-03.01 - Kevin 02/04/2014 11:48:09.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2814.1919 [GMT -5:00]
Running from: c:\documents and settings\Kevin\My Documents\Downloads\ComboFix.exe
AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton AntiVirus *Enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome.manifest
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\asyncDB.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\background.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\browserAction.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\contextMenu.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\dbManager.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\dom_bg.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\fileManager.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\firefox.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\firefoxNotifications.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\firefoxOmnibox.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\message.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\pageAction.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\request.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\tabs.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\api\webRequest.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\background.html
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\baseObject.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\browser.xul
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\console.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\consts.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\delegate.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\extensionDataStore.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\folderIOWrapper.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\httpObserver.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\IDBWrapper.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\installer.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\logFile.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\prefs.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\progressListenerObserver.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\registry.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\reloadObserver.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\reports.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\requestObject.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\searchSettings.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\uninstallObserver.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\updateManager.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\utils.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\core\xhr.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\dialog.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\main.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\options.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\options.xul
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\chrome\content\search_dialog.xul
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\defaults\preferences\prefs.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\manifest.xml
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins.json
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\1_base.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\102_dealply_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\103_intext_5_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\104_jollywallet_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\105_corticas_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\108_icm_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\119_similar_web_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\120_luck_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\123_intext_adv_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\125_arcadi2_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\126_revizer_ws_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\127_revizer_p_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\128_superfish_pricora_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\135_arcadi3_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\138_getdeal_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\14_CrossriderUtils.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\142_intext_fa_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\155_ibario_pops_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\159_cortica_rollover_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\17_jQuery.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\175_coolmirage_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\177_crossriderDashboard.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\180_bpo_serp_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\182_openUrl.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\183_tabsWrapper.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\184_noproblemppc_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\189_active_sanity.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\190_pops_5_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\191_ciuvo_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\194_retargeting_bi_m.js.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\197_kreapixel_pops_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\199_superfish_no_coupons_plushd_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\200_foxydeal_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\204_pricedetect_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\207_dbWrapper.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\21_debug.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\22_resources.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\220_icm_base_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\28_initializer.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\4_jquery_1_7_1.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\47_resources_background.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\64_appApiMessage.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\7_hooks.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\72_appApiValidation.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\78_CrossriderInfo.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\87_ginyas_wrapper.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\9_search_engine_hook.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\91_monetizationLoader.js.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\plugins\98_omniCommands.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\userCode\background.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\extensionData\userCode\extension.js
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\install.rdf
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\locale\en-US\translations.dtd
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button1.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button2.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button3.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button4.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\button5.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\crossrider_statusbar.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\icon128.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\icon16.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\icon24.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\icon48.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\panelarrow-up.png
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\popup.html
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\skin.css
c:\documents and settings\Kevin\Application Data\Mozilla\Firefox\Profiles\wjqb4ex1.default-1386259525234\extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com\skin\update.css
c:\documents and settings\Kevin\Favorites\Antivirus Test Online.url
c:\documents and settings\Kevin\Local Settings\Temporary Internet Files\BrowseSmart_iels
c:\documents and settings\Kevin\My Documents\DPE.DUS
c:\documents and settings\Kevin\WINDOWS
C:\END
c:\program files\clj2500pcl6winvista2kxp2003.exe
c:\program files\Setup.exe
c:\program files\sz1120008.exe
c:\windows\Installer\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}
c:\windows\Installer\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}\icon64.ico
c:\windows\iun6002.exe
c:\windows\system32\Cache
c:\windows\system32\Cache\04baf41f09d31670.fb
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\3dd0ca07e881b737.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6a3b19dcc9c3ac76.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\9796f81139e90f4b.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\DEBUG.log
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\pwdmon.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ADPEAKPROXY
.
.
((((((((((((((((((((((((( Files Created from 2014-01-04 to 2014-02-04 )))))))))))))))))))))))))))))))
.
.
2014-02-04 17:37 . 2014-02-04 17:37 63115 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2014-02-04 17:37 . 2014-02-04 17:37 4599 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2014-02-04 17:37 . 2014-02-04 17:37 6429 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2014-02-04 17:37 . 2014-02-04 17:37 8646 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2014-02-04 17:37 . 2014-02-04 17:37 9310 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2014-02-04 17:37 . 2014-02-04 17:37 5927 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2014-02-04 17:37 . 2014-02-04 17:37 8613 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2014-02-04 17:37 . 2014-02-04 17:37 1651 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2014-02-04 17:37 . 2014-02-04 17:37 6910 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2014-02-04 17:37 . 2014-02-04 17:37 6208 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2014-02-04 17:37 . 2014-02-04 17:37 18541 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2014-02-04 17:37 . 2014-02-04 17:37 8288 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2014-02-04 17:36 . 2014-02-04 17:36 51852 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2014-02-04 17:36 . 2014-02-04 17:36 20719 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2014-02-04 17:36 . 2014-02-04 17:36 8782 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2014-02-04 17:36 . 2014-02-04 17:36 7271 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2014-02-04 17:36 . 2014-02-04 17:36 23327 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2014-02-01 16:57 . 2014-02-02 11:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-02-01 16:56 . 2014-02-04 15:46 40776 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-02-01 16:53 . 2014-02-01 16:53 52312 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-02-01 15:46 . 2014-02-01 15:46 -------- d-----w- c:\documents and settings\All Users\Application Data\22203
2014-02-01 15:41 . 2014-02-01 15:46 -------- d-----w- c:\documents and settings\Kevin\Local Settings\Application Data\BearShare
2014-02-01 15:41 . 2014-02-01 15:41 -------- d-----w- c:\program files\BearShare Applications
2014-01-31 15:20 . 2014-01-31 15:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-31 15:20 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-25 21:30 . 2010-11-17 01:10 527208 ------w- c:\windows\system32\HPDiscoPM5312.dll
2014-01-19 03:08 . 2014-01-19 03:10 -------- d-----w- C:\Norton
2014-01-18 12:15 . 2014-01-18 12:16 -------- d-----w- c:\documents and settings\Kevin\Local Settings\Application Data\NPE
2014-01-17 21:39 . 2013-12-19 01:46 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-01-10 21:25 . 2014-01-10 22:44 -------- d-----w- c:\program files\Speccy
2014-01-09 21:58 . 2014-01-09 21:58 -------- d-----w- c:\windows\system32\wbem\Repository
2014-01-09 20:32 . 2004-08-17 11:21 87168 ----a-w- c:\windows\system32\drvmcdb.sys
2014-01-08 14:55 . 2014-01-08 14:55 -------- d-----w- c:\documents and settings\Kevin\Local Settings\Application Data\AOL Toolbar
2014-01-08 14:55 . 2014-01-08 14:55 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Toolbar
2014-01-08 14:54 . 2014-01-08 14:54 -------- d-----w- c:\program files\Common Files\Software Update Utility
2014-01-08 14:54 . 2014-01-08 14:55 -------- d-----w- c:\program files\AOL Toolbar
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-19 02:10 . 2014-01-17 21:38 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-11 17:18 . 2012-04-09 10:16 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 17:18 . 2011-05-20 11:00 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-27 20:21 . 1980-01-01 08:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-27 12:00 . 2003-03-18 23:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-11-23 22:16 . 2012-11-21 20:37 53248 -c--a-w- c:\windows\system32\CSVer.dll
2013-11-13 02:59 . 1980-01-01 08:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-11 16:38 . 2013-11-23 22:40 57344 ----a-w- c:\windows\system32\OpenCL.dll
2013-11-11 16:38 . 2013-11-23 22:36 893728 ----a-w- c:\windows\system32\nvdispgenco3233182.dll
2013-11-11 16:38 . 2013-11-23 22:36 1049888 ----a-w- c:\windows\system32\nvdispco3233182.dll
2013-11-11 16:38 . 2013-03-23 05:22 9646080 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-11 16:38 . 2013-03-23 05:22 2747680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-11 16:38 . 2013-03-23 05:22 22183936 ----a-w- c:\windows\system32\nvoglnt.dll
2013-11-11 16:38 . 2013-03-23 05:22 9605120 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-11 16:38 . 2013-03-23 05:22 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-11 16:38 . 2013-03-23 05:22 2633728 ----a-w- c:\windows\system32\nvapi.dll
2013-11-11 16:38 . 2013-03-23 05:22 2952992 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-11 16:38 . 2004-08-09 18:47 12684992 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-11-11 16:38 . 2004-08-09 18:47 4083584 ----a-w- c:\windows\system32\nv4_disp.dll
2013-11-11 14:31 . 2013-11-23 22:41 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-11-11 14:31 . 2013-11-23 22:41 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-11-11 14:31 . 2013-11-23 22:41 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-11-11 14:31 . 2013-11-23 22:41 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 14:31 . 2013-11-23 22:41 15711008 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-08 12:02 . 2003-02-21 07:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-11-07 05:38 . 1980-01-01 08:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2009-12-13 14:05 . 2009-12-13 14:05 327000 ----a-w- c:\program files\InstallManager_Bing_Microsoft.exe
2009-07-23 13:25 . 2009-07-23 13:24 8117208 -c--a-w- c:\program files\Firefox Setup 3.5.1.exe
2009-06-28 13:31 . 2007-03-25 23:01 21935408 -c--a-w- c:\program files\QuickTimeInstaller.exe
2009-04-14 15:20 . 2009-04-14 15:20 1143656 -c--a-w- c:\program files\wlsetup-web.exe
2009-04-13 21:21 . 2009-04-13 21:20 16883056 -c--a-w- c:\program files\IE8-WindowsXP-x86-ENU.exe
2009-03-26 20:11 . 2006-12-28 14:25 25740144 -c--a-w- c:\program files\wmp11-windowsxp-x86-enu.exe
2009-03-07 23:12 . 2007-10-29 17:05 1878888 -c--a-w- c:\program files\install_flash_player.exe
2009-02-28 22:45 . 2009-02-28 22:44 23516968 ----a-w- c:\program files\SkypeSetupFull.exe
2008-08-22 22:09 . 2008-08-22 22:09 17580000 -c--a-w- c:\program files\pse_300_enu.exe
2008-08-09 10:31 . 2008-08-09 10:31 4891216 -c--a-w- c:\program files\Silverlight.2.0.exe
2008-06-01 20:36 . 2008-06-01 20:37 904912 ----a-w- c:\program files\Google Updater.exe
2008-05-17 21:56 . 2008-05-17 21:57 4257184 ----a-w- c:\program files\registryboosteraff.exe
2008-01-25 20:38 . 2007-12-07 17:37 12727648 -c--a-w- c:\program files\winzip111.exe
2008-01-01 23:20 . 2008-01-01 23:20 12438648 -c--a-w- c:\program files\ezcalendarFree.exe
2008-01-01 04:49 . 2008-01-01 04:49 5636048 -c--a-w- c:\program files\wmvfirefoxpluginsetup.exe
2007-11-22 15:36 . 2007-11-22 15:35 54330664 ----a-w- c:\program files\iTunes75Setup.exe
2007-10-21 22:29 . 2007-10-21 21:56 65449972 -c--a-w- c:\program files\DesignCAD3DMax18-ESD.exe
2007-04-12 21:13 . 2007-01-05 22:46 7718504 -c----w- c:\program files\winzip110.exe
2007-03-09 13:55 . 2007-03-09 13:56 363816 -c----w- c:\program files\download-TurboCADDeluxe12Trial.exe.exe
2007-02-27 18:52 . 2007-02-27 18:52 9583328 -c----w- c:\program files\DesktopDoctor1.5.4.exe
2006-12-10 02:54 . 2006-12-10 02:55 5186048 -c----w- c:\program files\WindowsDefender.msi
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\system32\wuauclt.exe
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-04-14 . ED7262E52C31CF1625B65039102BC16C . 111104 . . [5.4.3790.5512] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
.
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[7] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[7] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2006-08-25 . B0124CB21D28B1C9F678B566B6B57D92 . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2006-08-25 . C4E80875C1CF1222FC5EFD0314AE5C01 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[7] 2004-08-04 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[7] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[7] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[7] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[7] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[7] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[7] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[7] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[7] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[7] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[7] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[7] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[7] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2005-07-26 04:39 . 34BBD9ACC1538818F2C878898C64E793 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll
[-] 2005-07-26 04:20 . 95F5FEA4C6DE2C3F28784D0DCC8F0DD3 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[7] 2004-08-04 13:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll
.
[7] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[7] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[7] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[7] 2012-10-03 . 6FE42512AB1B89F32A7407F261B1D2D0 . 990208 . . [5.1.2600.6293] . . c:\windows\system32\kernel32.dll
[7] 2012-10-03 . 6FE42512AB1B89F32A7407F261B1D2D0 . 990208 . . [5.1.2600.6293] . . c:\windows\system32\dllcache\kernel32.dll
[7] 2012-10-03 . 6CBFEEB384F04681AF75F495AA48DD32 . 991744 . . [5.1.2600.6293] . . c:\windows\$hf_mig$\KB2758857\SP3QFE\kernel32.dll
[7] 2009-03-21 . B6ACAED7588295129791E0E6A2B0FADE . 986112 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[7] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[7] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\$NtUninstallKB2758857$\kernel32.dll
[7] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[7] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 09F7CB3687F86EDAA4CA081F7AB66C03 . 986112 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . A01F9CA902A88F7CED06884174D6419D . 984576 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll
[-] 2006-07-05 . 0FDD84928A5DDE2510761B7EC76CCEC9 . 985088 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . D8DB5397DE07577C1CB50BA6D23B3AD4 . 984064 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[7] 2004-08-04 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
.
[7] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[7] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2005-09-01 . 648BF0B4DDE4F7A1156DAE7174D36EFA . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . A1A688EE56CF3BBD24EDEB815D48E9BA . 19968 . . [5.1.2600.2751] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[7] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll
.
[7] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[7] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[7] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
[7] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[7] 2013-10-29 . 680BD97BA5C817BCE79162496D51528D . 6020608 . . [8.00.6001.23543] . . c:\windows\system32\mshtml.dll
[7] 2013-10-29 . 680BD97BA5C817BCE79162496D51528D . 6020608 . . [8.00.6001.23543] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2013-10-13 . 0794CD09BE3D1E7A966C95E76FC86F47 . 6021120 . . [8.00.6001.23536] . . c:\windows\ie8updates\KB2898785-IE8\mshtml.dll

broni · 2014/02/08

Go on...

kaythos · 2014/02/08

Here is part 2 of combofix

[7] 2013-10-13 . 0794CD09BE3D1E7A966C95E76FC86F47 . 6021120 . . [8.00.6001.23536] . . c:\windows\ie8updates\KB2898785-IE8\mshtml.dll
[7] 2013-09-23 . 579017CF9C919429188190DAE79BB8FC . 6017536 . . [8.00.6001.23532] . . c:\windows\ie8updates\KB2888505-IE8\mshtml.dll
[7] 2013-08-08 . 4C9AFE1AE4112D260A3E7846C60C774D . 6017536 . . [8.00.6001.23520] . . c:\windows\ie8updates\KB2879017-IE8\mshtml.dll
.
[7] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[7] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[7] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[7] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[7] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[7] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
.
[7] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[7] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[7] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[7] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[7] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[7] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[7] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[7] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[7] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[7] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[7] 2004-08-04 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll
.
[7] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[7] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[7] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[7] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[7] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[7] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[7] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[7] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[7] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[7] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[7] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[7] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[7] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[7] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[7] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[7] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[7] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[7] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll
.
[7] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[7] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[7] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll
.
[7] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[7] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[7] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
[7] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[7] 2013-10-29 . FBF173582874C30EC5FAF8F8A67D873E . 920064 . . [8.00.6001.23543] . . c:\windows\system32\wininet.dll
[7] 2013-10-29 . FBF173582874C30EC5FAF8F8A67D873E . 920064 . . [8.00.6001.23543] . . c:\windows\system32\dllcache\wininet.dll
[7] 2013-10-13 . C5ACAB147F9697F40ECEBB4BC0247EBF . 920064 . . [8.00.6001.23536] . . c:\windows\ie8updates\KB2898785-IE8\wininet.dll
[7] 2013-09-23 . D73F1BE00684E675571015B3A5880F5B . 920064 . . [8.00.6001.23532] . . c:\windows\ie8updates\KB2888505-IE8\wininet.dll
[7] 2013-08-08 . F1BD516A4446B737BAEFB9FBAA92F01A . 920064 . . [8.00.6001.23520] . . c:\windows\ie8updates\KB2879017-IE8\wininet.dll
[7] 2013-07-26 . D46E195D0C76D430D73576CDAC763F78 . 920064 . . [8.00.6001.23515] . . c:\windows\ie8updates\KB2870699-IE8\wininet.dll
[7] 2013-06-07 . C087CC88D7CD554409CBB5EBC29E8E38 . 920064 . . [8.00.6001.23507] . . c:\windows\ie8updates\KB2862772-IE8\wininet.dll
[7] 2013-05-07 . CE5BA470204A3176E60721C4B63B8DF3 . 920064 . . [8.00.6001.23499] . . c:\windows\ie8updates\KB2846071-IE8\wininet.dll
[7] 2013-04-16 . 5C4AAC5A91422C95522ECC6C26FB93C8 . 920064 . . [8.00.6001.23486] . . c:\windows\ie8updates\KB2838727-IE8\wininet.dll
[7] 2013-03-02 . DA5B96A293B006572209E5EAC9F3A045 . 916480 . . [8.00.6001.19412] . . c:\windows\ie8updates\KB2829530-IE8\wininet.dll
[7] 2013-03-02 . 43EADBA9F3CD2A5F01B189BD95FCDE95 . 920064 . . [8.00.6001.23480] . . c:\windows\$hf_mig$\KB2817183-IE8\SP3QFE\wininet.dll
[7] 2013-02-05 . 5AACF4B4DEE1972B7952E8A747122232 . 916480 . . [8.00.6001.19401] . . c:\windows\ie8updates\KB2817183-IE8\wininet.dll
[7] 2013-02-05 . BE30BEF4C13065D09772F9895FCB9D22 . 920064 . . [8.00.6001.23469] . . c:\windows\$hf_mig$\KB2809289-IE8\SP3QFE\wininet.dll
[7] 2012-12-26 . D175F91A4C98B8848818C9B5089F88A2 . 916480 . . [8.00.6001.19394] . . c:\windows\ie8updates\KB2809289-IE8\wininet.dll
[7] 2012-12-26 . B8BEF9519A1B124DEAF94081F6C5A767 . 920064 . . [8.00.6001.23462] . . c:\windows\$hf_mig$\KB2792100-IE8\SP3QFE\wininet.dll
[7] 2012-11-01 . 9AD88EA663124336E88EB031F917CE20 . 916992 . . [8.00.6001.19389] . . c:\windows\ie8updates\KB2792100-IE8\wininet.dll
[7] 2012-11-01 . ACC92628CFFF9BB6F8886329888014A8 . 920064 . . [8.00.6001.23458] . . c:\windows\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll
[7] 2012-08-28 . FF1C14BCA1A797CE45DD359FA2C9EDA8 . 916992 . . [8.00.6001.19328] . . c:\windows\ie8updates\KB2761465-IE8\wininet.dll
[7] 2012-08-28 . DCEA3B3193B7181CF818ECC4EAB30A66 . 920064 . . [8.00.6001.23415] . . c:\windows\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll
.
[7] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[7] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[7] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[7] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[7] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[7] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[7] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
[7] 2004-08-04 . 783AFC80383C176B22DBF8333343992D . 146432 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[7] 2013-08-05 . 59B408E5B8489B0B36A0D783D150EDCC . 1289728 . . [5.1.2600.6435] . . c:\windows\system32\ole32.dll
[7] 2013-08-05 . 59B408E5B8489B0B36A0D783D150EDCC . 1289728 . . [5.1.2600.6435] . . c:\windows\system32\dllcache\ole32.dll
[7] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\$NtUninstallKB2876217$\ole32.dll
[7] 2011-11-01 . 7D9DDE1AB4B00DDB173F5A16E9206517 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[7] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[7] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-04-28 . 5950E4F28FDA9D147576BF6798937397 . 1285120 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll
[7] 2004-08-04 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\ole32.dll
.
[7] 2013-07-10 . 1D845821F5ADB076831DE4C2818F858B . 406016 . . [1.0420.2600.6421] . . c:\windows\system32\usp10.dll
[7] 2013-07-10 . 1D845821F5ADB076831DE4C2818F858B . 406016 . . [1.0420.2600.6421] . . c:\windows\system32\dllcache\usp10.dll
[7] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\$NtUninstallKB2850869$\usp10.dll
[7] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[7] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[7] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[7] 2004-08-04 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ksuser.dll
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0020\DriverFiles\i386\ksuser.dll
[7] 2004-08-04 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
.
[7] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[7] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[7] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[7] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[7] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[7] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[7] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[7] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll
.
[7] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msimg32.dll
[7] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
[7] 2004-08-04 . B5331F2B6F37C66C29C847F3B94FF900 . 4608 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msimg32.dll
.
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[7] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
[7] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[7] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[7] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[7] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
[7] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[7] 2010-12-09 . 15CE4DBC22FAB90B3CA5352AF1FFF81C . 718336 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
[7] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll
[7] 2010-12-09 . F8F0D25CA553E39DDE485D8FC7FCCE89 . 718336 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll
[7] 2009-02-09 . 911DDF2E16761643A47225F654D811E5 . 714752 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntdll.dll
[7] 2009-02-09 . 911DDF2E16761643A47225F654D811E5 . 714752 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll
[7] 2009-02-09 . B0913005EE3FC15D7F72472D0B8A30EB . 715264 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
[7] 2009-02-09 . C06986B55981B355090DD34DE809E4BB . 714752 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\ntdll.dll
[7] 2009-02-09 . 2F868BFFBF50524653D7FE0D99AFB064 . 715264 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntdll.dll
[7] 2008-04-14 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll
[7] 2008-04-14 . 27D9ED8CB8B62D1E0A8E5ACE6CF52E2F . 706048 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll
[7] 2004-08-04 . BB5CBFFC096497506167BCE1D9690EF2 . 708096 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntdll.dll
.
[7] 2009-02-27 . 69AA4E30B68CA408F358981B768106A8 . 177152 . . [5.1.2600.3531] . . c:\windows\$NtServicePackUninstall$\msctfime.ime
[7] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\$hf_mig$\KB961503\SP3GDR\msctfime.ime
[7] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\msctfime.ime
[7] 2009-02-27 . 3F790874A85819E94574F3E7AF9C5806 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\dllcache\msctfime.ime
[7] 2009-02-27 . A5A7EB6AE404A5C788443246C5D36283 . 177152 . . [5.1.2600.3531] . . c:\windows\$hf_mig$\KB961503\SP2QFE\msctfime.ime
[7] 2009-02-27 . 30B7D847BA9075AA8E1122FB6AF3D1B5 . 177152 . . [5.1.2600.5768] . . c:\windows\$hf_mig$\KB961503\SP3QFE\msctfime.ime
[7] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB961503$\msctfime.ime
[7] 2008-04-14 . 5733177BCF16EE78B99543C9B0AB81EA . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime
[7] 2004-08-04 . D87041EAA67ECA4394F6D5D09C0C2885 . 177152 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB961503_0$\msctfime.ime
.
[7] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[7] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[7] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[7] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[7] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[7] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
[7] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[7] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[7] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[7] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[7] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[7] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[7] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[7] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[7] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[7] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[7] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[7] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[7] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[7] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[7] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[7] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[7] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[7] 2004-08-04 . 765B30C776A1780B46B479FE614F707C . 344064 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[7] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[7] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[7] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll
[7] 2004-08-04 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[7] 2004-08-04 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys
[7] 2004-08-04 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[7] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[7] 2004-08-04 06:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys
.
[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\agp440.sys
[7] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[7] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
.
[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[7] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[7] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[7] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[7] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[7] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[7] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[7] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2006-11-01 19:17 . 925F8B61ED301A317BA850EBEECBDAA0 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2004-08-04 13:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll
.
[7] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[7] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[7] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
[7] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[7] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[7] 2006-10-19 02:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[7] 2004-08-11 09:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[7] 2004-08-11 09:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[7] 2004-08-04 13:00 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
.
[7] 2013-07-04 . 4C47B37CF351FFEB1227CED0FF4751D5 . 2070144 . . [5.1.2600.6419] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2013-07-04 . 05F3DB567EAE368AE3BBD7E973490646 . 2028544 . . [5.1.2600.6419] . . c:\windows\system32\ntkrnlpa.exe
[7] 2013-07-04 . 4C47B37CF351FFEB1227CED0FF4751D5 . 2070144 . . [5.1.2600.6419] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2013-05-03 . 70F7DF7268C6AB388319A03375DAC4E5 . 2028544 . . [5.1.2600.6387] . . c:\windows\$NtUninstallKB2859537$\ntkrnlpa.exe
[7] 2013-03-07 . 9EBEDA306E5EABDABCFF8B695FCD4CD6 . 2070016 . . [5.1.2600.6368] . . c:\windows\$hf_mig$\KB2813170\SP3QFE\ntkrnlpa.exe
[7] 2013-03-07 . 9ED39805DF38061BB031D0F2B20DFB77 . 2028544 . . [5.1.2600.6368] . . c:\windows\$NtUninstallKB2839229$\ntkrnlpa.exe
[7] 2013-01-07 . 1251D608DFCE4B6801AD27A59B74985C . 2069760 . . [5.1.2600.6335] . . c:\windows\$hf_mig$\KB2799494\SP3QFE\ntkrnlpa.exe
[7] 2013-01-07 . 2C9091C3350E369BBB2464AABE2FD7CA . 2027520 . . [5.1.2600.6335] . . c:\windows\$NtUninstallKB2813170$\ntkrnlpa.exe
[7] 2012-08-21 . B326D5E256D2F32B23E64F49DEBCE31B . 2069632 . . [5.1.2600.6284] . . c:\windows\$hf_mig$\KB2724197\SP3QFE\ntkrnlpa.exe
[7] 2012-08-21 . 61027EE2D9859A2B41D588D92F256CFB . 2027520 . . [5.1.2600.6284] . . c:\windows\$NtUninstallKB2799494$\ntkrnlpa.exe
[7] 2012-05-04 . 8E99A0CE02C1BEDA6C0935A4DDE9CEAA . 2069120 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
[7] 2012-05-04 . 87763BB6C95901818050E52C378C9E15 . 2026496 . . [5.1.2600.6223] . . c:\windows\$NtUninstallKB2724197$\ntkrnlpa.exe
[7] 2012-04-11 . 063A0F8A90D8E2B802E5243FE9AABCF3 . 2069120 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
[7] 2012-04-11 . 61CCE48F7BD00E0E4D5CDE206F2DDC1B . 2026496 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe
[7] 2011-10-25 . DB19FFF0C805664CB95062C027B11FE9 . 2069376 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[7] 2011-10-25 . 36CAC3C8C4C10F4E21BFEABBFE7ACFFC . 2027008 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe
[7] 2010-12-09 . F67CD97282E0ABFAF91A9A1359B16F2D . 2069376 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 9ED77E2307F6EC6F174C063C15AA3B8C . 2027008 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
[7] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[7] 2010-04-27 . 49E936E1398D1A536E84CD5D068F0F09 . 2024448 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[7] 2010-02-16 . E8B8801DE921912EBDEEFC76662F7EAD . 2024448 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[7] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2009-12-09 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[7] 2009-12-08 . 089F1E207B067A4DDEB2EEC37BBB1AA7 . 2023936 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[7] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
.
[7] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[7] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[7] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
[7] 2004-08-04 13:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[7] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[7] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 36ACA6CDC19C95FF468A1426EB7F32F0 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . ACA5D98663D879C6BAAFCEA7E2F1B710 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[7] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll
.
[7] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[7] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[7] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[7] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[7] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[7] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[7] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[7] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[7] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
[7] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[7] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[7] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[7] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
[7] 2004-08-04 13:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[7] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[7] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[7] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
[7] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[7] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[7] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[7] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2008-12-19 . 15E8A89499741D5CF59A9CF6463A4339 . 634024 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[7] 2008-12-19 . 030D78FE84A086ED376EFCBD2D72C522 . 634024 . . [7.00.6000.16791] . . c:\windows\ie8\iexplore.exe
[7] 2008-10-15 . 9D3DB9ADFABD2F0BC778EC03250A3ABB . 633632 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\iexplore.exe
[7] 2008-10-15 . 056C927CF7207857E8B34F7A8FFD9B9E . 633632 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[7] 2008-08-23 . E8305C30D35E85D6657ED3E9934CB302 . 635848 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
[7] 2008-08-23 . 1F03216084447F990AE797317D0A6E70 . 635848 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\iexplore.exe
[7] 2008-06-23 . 64E376A47763DAEABCDA14BD5B6EA286 . 625664 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\iexplore.exe
[7] 2008-06-23 . C52A9EF571E91535EB78DB4B8B95EA07 . 625664 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
[7] 2008-04-22 . 197B7E4030CFBD8D2979D375E1787AA2 . 625664 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
[7] 2008-04-22 . 232B22817B90AE0AFF2D189E3E3735AC . 625664 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\iexplore.exe
[7] 2008-04-14 . 55794B97A7FAABD2910873C85274F409 . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[7] 2008-02-29 . 2D0E5592AB5A46C27DAF7CCAFF4F5B59 . 625664 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\iexplore.exe
[7] 2008-02-22 . 6E0888626E0CAC79F57149814E22DB4D . 625664 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
[7] 2007-12-06 . 2703D940A62B731AA220529DD7331A78 . 625664 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\iexplore.exe
.
.
[7] 2013-07-04 . AFEE19399CF992A098309F7FDF87880A . 2149888 . . [5.1.2600.6419] . . c:\windows\system32\ntoskrnl.exe
[7] 2013-07-04 . A4A50A53FFBFEC545CDA85E98AF2106B . 2193536 . . [5.1.2600.6419] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2013-07-04 . A4A50A53FFBFEC545CDA85E98AF2106B . 2193536 . . [5.1.2600.6419] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2013-05-03 . 0F1ECE75329996EBDCF2774F9E46623D . 2149888 . . [5.1.2600.6387] . . c:\windows\$NtUninstallKB2859537$\ntoskrnl.exe
[7] 2013-03-07 . 8C39722F8C291F1BBCCE80EE23065897 . 2149888 . . [5.1.2600.6368] . . c:\windows\$NtUninstallKB2839229$\ntoskrnl.exe
.
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[7] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[7] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[7] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[7] 2004-08-04 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[7] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[7] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2006-12-19 . D9F097AA3B97034D3358A01B43E635B2 . 333824 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . B6763F8534AC547CF1AF98AFDFF2EDC8 . 333824 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[7] 2004-08-04 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll
.
[7] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[7] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[7] 2004-08-04 . 3B4702155BB2AE9DC00C06A68834BDFA . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[7] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[7] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2006-06-26 . B5D08C96B2DADAF5171FB69E341B272B . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
[-] 2006-06-26 . 5F098BD2AE6B03044B085DECFFDF91EC . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
[7] 2004-08-04 . 4CAEC028C1E21C75E17877D4522D3DB4 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll
.
[7] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
[7] 2008-04-14 . 4E3D06D6E68EEDB52565080F55B460D3 . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[7] 2004-08-04 . A7F95A53EE055115DF03588997A47D4D . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
.

kaythos

Log in or Sign up

Solved IBM Desktop Probs-Malware?

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

kaythos Inactive Thread Starter

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

kaythos Inactive Thread Starter

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

Share This Page

Log in or Sign up

Solved IBM Desktop Probs-Malware?

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

kaythos Inactive Thread Starter

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

kaythos Inactive Thread Starter

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

broni Moderator Malware Analyst

kaythos Inactive Thread Starter

Share This Page

Useful Searches