Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

files open in properties window


  • This topic is locked This topic is locked
3 replies to this topic

#1 grnelf56

grnelf56

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:04 PM

Posted 29 January 2014 - 05:45 PM

Mod edit; Moved to Malware Logs forum ~~ boopme

 
All my desk top files open in a rt click window only properties and its very new I ran anti malware nothing found ran combo fix here are the results
 
ComboFix 14-01-29.01 - becky 01/29/2014  12:00:23.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5887.4433 [GMT -8:00]
Running from: E:\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\background.html
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\crossriderManifest.json
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\manifest.xml
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins.json
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\1_base.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\102_dealply_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\103_intext_5_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\104_jollywallet_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\105_corticas_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\108_icm_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\119_similar_web_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\120_luck_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\123_intext_adv_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\125_arcadi2_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\126_revizer_ws_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\127_revizer_p_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\128_superfish_pricora_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\135_arcadi3_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\138_getdeal_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\142_intext_fa_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\159_cortica_rollover_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\17_jQuery.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\175_coolmirage_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\180_bpo_serp_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\184_noproblemppc_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\189_active_sanity.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\190_pops_5_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\191_ciuvo_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\194_retargeting_bi_m.js.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\21_debug.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\22_resources.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\28_initializer.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\47_resources_background.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\5_notifications.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\64_appApiMessage.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\7_hooks.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\72_appApiValidation.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\87_ginyas_wrapper.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\9_search_engine_hook.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\userCode\background.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\extensionData\userCode\extension.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\icons\actions\1.png
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\icons\icon128.png
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\icons\icon16.png
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\icons\icon48.png
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\api\chrome.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\api\cookie.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\api\message.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\api\pageAction.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\api\pageActionBG.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\background.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\app_api.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\bg_app_api.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\consts.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\cookie_store.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\crossriderAPI.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\delegate.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\events.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\extensionDataStore.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\installer.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\logFile.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\logging.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\onBGDocumentLoad.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\popupResource\newPopup.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\popupResource\popup.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\reports.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\storageWrapper.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\updateManager.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\util.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\lib\xhr.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\js\main.js
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\manifest.json
c:\users\becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.32_0\popup.html
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome.manifest
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\asyncDB.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\background.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\browserAction.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\contextMenu.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\dbManager.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\dom_bg.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\fileManager.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefox.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefoxNotifications.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\firefoxOmnibox.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\message.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\pageAction.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\request.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\tabs.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\api\webRequest.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\background.html
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\baseObject.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\browser.xul
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\console.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\consts.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\delegate.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\extensionDataStore.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\folderIOWrapper.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\httpObserver.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\IDBWrapper.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\installer.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\logFile.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\prefs.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\progressListenerObserver.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\registry.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\reloadObserver.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\reports.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\requestObject.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\searchSettings.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\uninstallObserver.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\updateManager.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\utils.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\xhr.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\dialog.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\main.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\options.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\options.xul
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\search_dialog.xul
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\defaults\preferences\prefs.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\manifest.xml
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins.json
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\1_base.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\102_dealply_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\103_intext_5_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\104_jollywallet_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\105_corticas_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\108_icm_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\119_similar_web_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\120_luck_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\123_intext_adv_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\125_arcadi2_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\127_revizer_p_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\135_arcadi3_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\138_getdeal_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\142_intext_fa_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\17_jQuery.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\175_coolmirage_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\182_openUrl.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\183_tabsWrapper.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\189_active_sanity.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\190_pops_5_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\191_ciuvo_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\194_retargeting_bi_m.js.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\207_dbWrapper.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\21_debug.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\215_quicklizard_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\22_resources.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\28_initializer.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\47_resources_background.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\5_notifications.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\64_appApiMessage.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\7_hooks.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\72_appApiValidation.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\79_CrossriderDailyPing.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\9_search_engine_hook.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\98_omniCommands.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode\background.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode\extension.js
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\install.rdf
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\locale\en-US\translations.dtd
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button1.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button2.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button3.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button4.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\button5.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\crossrider_statusbar.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon128.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon16.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon24.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\icon48.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\panelarrow-up.png
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\popup.html
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\skin.css
c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\skin\update.css
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-28 to 2014-01-29  )))))))))))))))))))))))))))))))
.
.
2014-01-29 20:05 . 2014-01-29 20:05    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-01-29 01:11 . 2013-12-29 23:44    965000    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-29 01:11 . 2013-12-29 23:44    965000    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DEDE4369-5E29-4035-9F0A-220ABA2F8150}\gapaengine.dll
2014-01-29 01:10 . 2013-12-04 03:28    10315576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{329CB785-E2DC-4817-80CB-0A95538253C7}\mpengine.dll
2014-01-29 00:59 . 2013-12-04 03:28    10315576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-29 00:51 . 2014-01-29 00:51    --------    d-----w-    c:\users\becky\AppData\Local\ElevatedDiagnostics
2014-01-29 00:06 . 2014-01-29 00:06    --------    d-----w-    c:\users\becky\SyncUP
2014-01-28 21:57 . 2014-01-28 21:57    --------    d-----w-    c:\users\becky\AppData\Roaming\PCDr
2014-01-28 21:57 . 2014-01-28 21:57    --------    d-----w-    c:\programdata\PCDr
2014-01-18 19:11 . 2014-01-18 19:11    --------    d-----w-    c:\programdata\BlueStacks
2014-01-15 18:06 . 2013-11-27 01:42    53248    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2014-01-15 18:06 . 2013-11-27 01:42    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2014-01-15 18:06 . 2013-11-27 01:42    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2014-01-15 18:06 . 2013-11-27 01:42    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2014-01-15 18:06 . 2013-11-27 01:42    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2014-01-15 18:06 . 2013-11-27 01:42    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2014-01-15 18:06 . 2013-11-27 01:42    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2014-01-15 18:06 . 2013-11-26 10:32    3156480    ----a-w-    c:\windows\system32\win32k.sys
2014-01-15 18:06 . 2013-11-26 11:40    376768    ----a-w-    c:\windows\system32\drivers\netio.sys
2014-01-08 22:28 . 2014-01-08 22:28    --------    d-----w-    C:\Games
2014-01-08 22:26 . 2014-01-08 22:26    --------    d-----w-    c:\users\becky\AppData\Local\Programs
2014-01-06 02:21 . 2007-10-12 23:14    2006552    ----a-w-    c:\windows\system32\D3DCompiler_36.dll
2014-01-06 02:21 . 2007-10-12 23:14    1374232    ----a-w-    c:\windows\SysWow64\D3DCompiler_36.dll
2014-01-06 02:21 . 2007-10-02 17:56    444776    ----a-w-    c:\windows\SysWow64\d3dx10_36.dll
2014-01-06 02:21 . 2007-10-02 17:56    508264    ----a-w-    c:\windows\system32\d3dx10_36.dll
2014-01-06 02:21 . 2007-10-12 23:14    5081608    ----a-w-    c:\windows\system32\d3dx9_36.dll
2014-01-06 02:21 . 2007-10-12 23:14    3734536    ----a-w-    c:\windows\SysWow64\d3dx9_36.dll
2014-01-06 02:21 . 2007-07-20 08:57    411496    ----a-w-    c:\windows\system32\xactengine2_9.dll
2014-01-06 02:21 . 2007-07-20 08:57    267112    ----a-w-    c:\windows\SysWow64\xactengine2_9.dll
2014-01-06 02:18 . 2014-01-06 02:19    --------    d-----w-    C:\ArcTemp
2014-01-06 02:06 . 2014-01-29 00:58    --------    d-----w-    c:\users\becky\AppData\Roaming\Arc
2014-01-06 02:06 . 2014-01-06 02:19    --------    d-----w-    c:\program files (x86)\Perfect World Entertainment
2014-01-06 01:04 . 2014-01-06 01:04    --------    d-----w-    c:\users\becky\.android
2014-01-06 01:04 . 2014-01-29 19:45    --------    d-----w-    c:\users\becky\AppData\Roaming\newnext.me
2014-01-06 01:04 . 2014-01-06 01:04    --------    d-----w-    c:\users\becky\AppData\Local\genienext
2014-01-06 01:04 . 2014-01-06 01:04    --------    d-----w-    c:\users\becky\AppData\Local\cache
2014-01-06 01:04 . 2014-01-06 01:11    --------    d-----w-    c:\users\becky\AppData\Local\Mobogenie
2014-01-06 01:04 . 2014-01-06 01:04    --------    d-----w-    c:\users\becky\AppData\Roaming\1H1Q
2014-01-06 01:03 . 2014-01-06 01:11    --------    d-----w-    c:\program files (x86)\Mobogenie
2014-01-02 22:14 . 2014-01-29 17:54    --------    d-----w-    c:\users\becky\AppData\Local\Nero
2014-01-02 22:14 . 2014-01-02 22:14    --------    d-----w-    c:\users\becky\AppData\Roaming\Nero
2014-01-02 20:08 . 2014-01-02 20:09    --------    d-----w-    C:\temp
2014-01-02 18:27 . 2014-01-02 18:27    736952    ----a-w-    c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-01-02 18:26 . 2014-01-02 18:26    2876528    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-01-02 18:26 . 2014-01-02 18:26    42168    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-01-02 18:26 . 2014-01-02 18:26    539984    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-01-02 00:27 . 2014-01-29 18:30    --------    d-----w-    c:\users\becky\AppData\Local\Diagnostics
2013-12-30 23:30 . 2013-12-30 23:30    --------    d-----w-    c:\programdata\The Mirror Mysteries
2013-12-30 23:30 . 2013-12-30 23:30    --------    d-----w-    c:\users\becky\AppData\Roaming\Silverback Productions
2013-12-30 20:17 . 2013-12-30 20:17    --------    d-----w-    c:\users\becky\AppData\Roaming\Anarchy
2013-12-30 20:13 . 2013-12-30 20:13    --------    d-----w-    c:\programdata\HideAndSecret3
2013-12-30 20:07 . 2013-12-30 20:07    --------    d-sh--w-    c:\windows\ftpcache
2013-12-30 20:07 . 2013-12-30 20:17    --------    d-----w-    c:\program files (x86)\Viva Media
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2010-11-21 03:27    270496    ------w-    c:\windows\system32\MpSigStub.exe
2014-01-16 05:22 . 2013-12-25 01:52    86054176    ----a-w-    c:\windows\system32\MRT.exe
2013-12-25 00:01 . 2013-12-25 00:01    46368    ----a-w-    c:\windows\system32\drivers\avgtpx64.sys
2013-12-23 04:32 . 2013-12-23 04:32    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-23 04:32 . 2013-12-23 04:32    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-12-23 04:32 . 2013-12-23 04:32    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2013-12-23 04:32 . 2013-12-23 04:32    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-12-23 04:32 . 2013-12-23 04:32    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-12-23 04:32 . 2013-12-23 04:32    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-12-23 04:32 . 2013-12-23 04:32    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2013-12-23 04:32 . 2013-12-23 04:32    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-12-23 04:32 . 2013-12-23 04:32    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-12-23 04:32 . 2013-12-23 04:32    774144    ----a-w-    c:\windows\system32\jscript.dll
2013-12-23 04:32 . 2013-12-23 04:32    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-12-23 04:32 . 2013-12-23 04:32    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-23 04:32 . 2013-12-23 04:32    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-23 04:32 . 2013-12-23 04:32    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2013-12-23 04:32 . 2013-12-23 04:32    626176    ----a-w-    c:\windows\system32\msfeeds.dll
2013-12-23 04:32 . 2013-12-23 04:32    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-12-23 04:32 . 2013-12-23 04:32    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2013-12-23 04:32 . 2013-12-23 04:32    61952    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2013-12-23 04:32 . 2013-12-23 04:32    61952    ----a-w-    c:\windows\SysWow64\iesetup.dll
2013-12-23 04:32 . 2013-12-23 04:32    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-12-23 04:32 . 2013-12-23 04:32    548352    ----a-w-    c:\windows\system32\vbscript.dll
2013-12-23 04:32 . 2013-12-23 04:32    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-12-23 04:32 . 2013-12-23 04:32    51200    ----a-w-    c:\windows\SysWow64\ieetwproxystub.dll
2013-12-23 04:32 . 2013-12-23 04:32    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-12-23 04:32 . 2013-12-23 04:32    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-12-23 04:32 . 2013-12-23 04:32    48128    ----a-w-    c:\windows\system32\imgutil.dll
2013-12-23 04:32 . 2013-12-23 04:32    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-12-23 04:32 . 2013-12-23 04:32    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-12-23 04:32 . 2013-12-23 04:32    413696    ----a-w-    c:\windows\system32\html.iec
2013-12-23 04:32 . 2013-12-23 04:32    40448    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-23 04:32 . 2013-12-23 04:32    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-12-23 04:32 . 2013-12-23 04:32    34816    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-23 04:32 . 2013-12-23 04:32    337408    ----a-w-    c:\windows\SysWow64\html.iec
2013-12-23 04:32 . 2013-12-23 04:32    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2013-12-23 04:32 . 2013-12-23 04:32    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2013-12-23 04:32 . 2013-12-23 04:32    263376    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-12-23 04:32 . 2013-12-23 04:32    247808    ----a-w-    c:\windows\system32\msls31.dll
2013-12-23 04:32 . 2013-12-23 04:32    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-12-23 04:32 . 2013-12-23 04:32    243200    ----a-w-    c:\windows\system32\webcheck.dll
2013-12-23 04:32 . 2013-12-23 04:32    235520    ----a-w-    c:\windows\system32\url.dll
2013-12-23 04:32 . 2013-12-23 04:32    235008    ----a-w-    c:\windows\system32\elshyph.dll
2013-12-23 04:32 . 2013-12-23 04:32    195584    ----a-w-    c:\windows\system32\msrating.dll
2013-12-23 04:32 . 2013-12-23 04:32    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-12-23 04:32 . 2013-12-23 04:32    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-12-23 04:32 . 2013-12-23 04:32    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-12-23 04:32 . 2013-12-23 04:32    147968    ----a-w-    c:\windows\system32\occache.dll
2013-12-23 04:32 . 2013-12-23 04:32    143872    ----a-w-    c:\windows\system32\wextract.exe
2013-12-23 04:32 . 2013-12-23 04:32    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-12-23 04:32 . 2013-12-23 04:32    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-12-23 04:32 . 2013-12-23 04:32    135680    ----a-w-    c:\windows\system32\iepeers.dll
2013-12-23 04:32 . 2013-12-23 04:32    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-12-23 04:32 . 2013-12-23 04:32    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-12-23 04:32 . 2013-12-23 04:32    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-12-23 04:32 . 2013-12-23 04:32    1228800    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-12-23 04:32 . 2013-12-23 04:32    112128    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2013-12-23 04:32 . 2013-12-23 04:32    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-12-23 04:32 . 2013-12-23 04:32    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2013-12-23 04:32 . 2013-12-23 04:32    1051136    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-12-23 04:32 . 2013-12-23 04:32    101376    ----a-w-    c:\windows\system32\inseng.dll
2013-12-22 01:28 . 2013-12-22 01:28    9728    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    9728    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    648192    ----a-w-    c:\windows\system32\d3d10level9.dll
2013-12-22 01:28 . 2013-12-22 01:28    604160    ----a-w-    c:\windows\SysWow64\d3d10level9.dll
2013-12-22 01:28 . 2013-12-22 01:28    5632    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    5632    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    5632    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    5632    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    522752    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
2013-12-22 01:28 . 2013-12-22 01:28    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    4096    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    3928064    ----a-w-    c:\windows\system32\d2d1.dll
2013-12-22 01:28 . 2013-12-22 01:28    364544    ----a-w-    c:\windows\SysWow64\XpsGdiConverter.dll
2013-12-22 01:28 . 2013-12-22 01:28    363008    ----a-w-    c:\windows\system32\dxgi.dll
2013-12-22 01:28 . 2013-12-22 01:28    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    3584    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    3419136    ----a-w-    c:\windows\SysWow64\d2d1.dll
2013-12-22 01:28 . 2013-12-22 01:28    333312    ----a-w-    c:\windows\system32\d3d10_1core.dll
2013-12-22 01:28 . 2013-12-22 01:28    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    3072    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    3072    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    296960    ----a-w-    c:\windows\system32\d3d10core.dll
2013-12-22 01:28 . 2013-12-22 01:28    293376    ----a-w-    c:\windows\SysWow64\dxgi.dll
2013-12-22 01:28 . 2013-12-22 01:28    2776576    ----a-w-    c:\windows\system32\msmpeg2vdec.dll
2013-12-22 01:28 . 2013-12-22 01:28    2565120    ----a-w-    c:\windows\system32\d3d10warp.dll
2013-12-22 01:28 . 2013-12-22 01:28    2560    ---ha-w-    c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    2560    ---ha-w-    c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-22 01:28 . 2013-12-22 01:28    249856    ----a-w-    c:\windows\SysWow64\d3d10_1core.dll
2013-12-22 01:28 . 2013-12-22 01:28    245248    ----a-w-    c:\windows\system32\WindowsCodecsExt.dll
2013-12-22 01:28 . 2013-12-22 01:28    2284544    ----a-w-    c:\windows\SysWow64\msmpeg2vdec.dll
2013-12-22 01:28 . 2013-12-22 01:28    221184    ----a-w-    c:\windows\system32\UIAnimation.dll
2013-12-22 01:28 . 2013-12-22 01:28    220160    ----a-w-    c:\windows\SysWow64\d3d10core.dll
2013-12-22 01:28 . 2013-12-22 01:28    207872    ----a-w-    c:\windows\SysWow64\WindowsCodecsExt.dll
2013-12-22 01:28 . 2013-12-22 01:28    1988096    ----a-w-    c:\windows\SysWow64\d3d10warp.dll
2013-12-22 01:28 . 2013-12-22 01:28    194560    ----a-w-    c:\windows\system32\d3d10_1.dll
2013-12-22 01:28 . 2013-12-22 01:28    187392    ----a-w-    c:\windows\SysWow64\UIAnimation.dll
2013-12-22 01:28 . 2013-12-22 01:28    1682432    ----a-w-    c:\windows\system32\XpsPrint.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}]
c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E155F23C-9931-47c6-A619-20E6FCA86D75}]
c:\program files (x86)\SBLite\SBLite.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\becky\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"NextLive"="c:\users\becky\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-15 98304]
"Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2011-08-04 4165440]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-09-03 40312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-03-10 66872]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-01-06 2486296]
"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 lsnfd;lsnfd;c:\windows\system32\drivers\lsnfd.sys;c:\windows\SYSNATIVE\drivers\lsnfd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 CltMngSvc;Search Protect by Conduit Service;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Linksys_adapter_H;Linksys Adapter Network Driver;c:\windows\system32\DRIVERS\AE2500w764.sys;c:\windows\SYSNATIVE\DRIVERS\AE2500w764.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-29 18:32    1211672    ----a-w-    c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 22:05]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-06 01:03]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-06 01:03]
.
2014-01-29 c:\windows\Tasks\weDownload Manager Pro-chromeinstaller.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-chromeinstaller.exe [2013-12-20 01:43]
.
2014-01-29 c:\windows\Tasks\weDownload Manager Pro-codedownloader.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-codedownloader.exe [2013-12-20 01:43]
.
2014-01-29 c:\windows\Tasks\weDownload Manager Pro-enabler.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-enabler.exe [2013-12-20 01:43]
.
2014-01-29 c:\windows\Tasks\weDownload Manager Pro-firefoxinstaller.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-firefoxinstaller.exe [2013-12-20 01:43]
.
2014-01-29 c:\windows\Tasks\weDownload Manager Pro-updater.job
- c:\program files (x86)\weDownload Manager Pro\weDownload Manager Pro-updater.exe [2013-12-20 01:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-10 8321568]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [BU]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-24 1266912]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0D0A0C0Czz0FtCyDzztAtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1187813529&ir=
mStart Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0D0A0C0Czz0FtCyDzztAtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1187813529&ir=
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
FF - ProfilePath - c:\users\becky\AppData\Roaming\Mozilla\Firefox\Profiles\4oadv4a1.default\
FF - prefs.js: keyword.URL - hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=1190769A-D9B2-43F5-B75B-CF501410ADEB&n=780b5bbe&ind=2014010302&p2=^Z7^xdm080^S07867^us&searchfor=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0D0A0C0Czz0FtCyDzztAtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1187813529&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0D0A0C0Czz0FtCyDzztAtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1187813529&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0D0A0C0Czz0FtCyDzztAtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1187813529&ir=&q=
FF - user.js: extensions.mysearchdial.id - D4BED9DACC8F1583
FF - user.js: extensions.mysearchdial.instlDay - 16075
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.017:3:2
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - dsites0101
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 1187813529
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0D0A0C0Czz0FtCyDzztAtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R
FF - user.js: extensions.irmysearch.aflt - dsites0101
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 1187813529
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0DyE0B0E0Dzy0D0A0C0Czz0FtCyDzztAtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-Locked - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-WT089446 - c:\program files (x86)\WildTangent\Dell Games\Wedding Dash - Ready
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-29  12:06:34
ComboFix-quarantined-files.txt  2014-01-29 20:06
ComboFix2.txt  2014-01-29 01:32
.
Pre-Run: 918,243,479,552 bytes free
Post-Run: 917,935,136,768 bytes free
.
- - End Of File - - D38473B51A9A8ECD511560F2A57F2881
5C616939100B85E558DA92B899A0FC36

Edited by boopme, 29 January 2014 - 07:19 PM.


BC AdBot (Login to Remove)

 


#2 grnelf56

grnelf56
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:04 PM

Posted 29 January 2014 - 08:39 PM

should hav done it befor I used  adaware and it found the culprit  now I am up and running again Gosh I love this site.



#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,521 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:04 PM

Posted 03 February 2014 - 08:38 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
May I suggest we continue with the clean-up.

Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.

1: DDS.scr (Not recommended if you use Chrome to download this .scr file. Use the other options.)
2: DDS.pif
3: DDS.COM

Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Follow the instructions that pop up for posting the results.[/list]Please note: You may have to disable any script protection running if the scan fails to run.

dds_scr.gif

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  • p.s.
    If the SecurityCheck program fails to run for any reason, run it as an Administrator.
    ===


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,521 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:04 PM

Posted 09 February 2014 - 10:18 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users