Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

mysearchdial infection Windows 7


  • This topic is locked This topic is locked
32 replies to this topic

#1 rbrtcarp

rbrtcarp

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 21 April 2014 - 10:37 PM

Have attempted to run both Malwarebytes and Chameleon. Computer shuts down prior to any scans being completed.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Owner at 1:27:27 on 2014-04-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2812.1950 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://yahoo.com/
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360510d525l0414z155t4432x277
uProxyOverride = <-loopback>
uURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
mURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
mWinlogon: Userinit = userinit.exe
BHO: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Feven 2.2: {11111111-1111-1111-1111-110411901112} -
BHO: SNT: {132DB882-94A1-0ADA-F7C1-50ED580B8D4A} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
BHO: SNT: {23891829-6CC3-5F2D-45AF-B900AC6F55BC} -
BHO: greatsaver: {3081952F-C41E-22FD-DF42-A102BF3F8AEB} -
BHO: SNT: {31D1A16F-F333-E235-F310-D299775DEE1E} -
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: gureaotsaver: {3E8C1711-505A-B1A0-C720-CAD48F18F80C} -
BHO: greAtsaver: {434CA757-6948-71B6-7F29-498FCB0BC1ED} -
BHO: SNT: {4BF0B43F-A79A-4904-A995-8839FE5E6E8A} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: gReattsaver: {73C7B4D7-144F-E562-9980-33EC03DA47A1} -
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: SNT: {7B01E027-A52B-46F8-1D1D-862F92CD0292} -
BHO: greaatsiaver: {83284F6E-A91F-9171-1023-EF2512ACB0A4} -
BHO: SNT: {89F55955-E79D-D045-820F-549F6CE93DFA} -
BHO: SNT: {8E7129B5-2E7B-EF1B-8D0D-88392BF2B524} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: SNT: {9101CE01-9A1F-2970-066E-C7B55C18791A} -
BHO: GrtSCouponApp: {99C84C03-6F81-7103-9E42-C7009D97F57A} -
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: greatSuavEr: {A50C77E4-8BBD-ED33-DD87-BF999035C521} -
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: {acd6a209-4aaf-4b1c-9930-b82fa131e958} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SNT: {B90351CB-1AD0-EF9F-F630-E576305D763D} -
BHO: greatesavver: {BFEF3859-E505-FCB1-2065-B998AA687C8D} -
BHO: SNT: {C4E292BF-BB82-B155-FB97-774D186938AD} -
BHO: Greattsavero: {C90FA314-3883-0422-4A58-665A872B0E62} -
BHO: SNT: {D94DEA5E-5089-F581-82BB-E2ED096A7228} -
BHO: greatsaavverr: {D97EFE9C-51C5-3A90-4936-1CBC21D304BC} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: <No Name>: {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - LocalServer32 - <no file>
BHO: Browsebeyond: {f04a89fa-d7e3-4fbd-9569-502b4cad4347} - LocalServer32 - <no file>
BHO: GrtSCouponApp: {F11E9BB8-72BA-8ED3-42F1-9F3BEBCC1151} -
BHO: greatssaveuR: {F1E872E5-EB88-210A-DA05-CB34DBD2B9DB} -
BHO: GrieaaTsaver: {F6679FB1-87A4-A5B0-C097-3694E41D3A73} -
BHO: GrtSCouponApp: {F74D3294-8134-00A7-3764-A73DF094497B} -
BHO: GreAetsauverr: {F7A7917F-01A7-0803-D2EE-FAE27426925B} -
BHO: SNT: {F88FE963-3348-5FF9-702F-0C5B34A31E89} -
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: InternetHelper3.1 Toolbar: {07CBF788-1359-421B-A4E3-5A8D041B90A3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Owner\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_44_Plugin.exe -update plugin
mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
mRun: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [{E9AE9B9A-A99F-AA8F-27E8-A8E99BAE8b85}] "C:\Program Files (x86)\U.S. Cellular Broadband Connect\AvqAutoRun.exe" "C:\Program Files (x86)\U.S. Cellular Broadband Connect\mphonetools.exe" /OnPlug=%s
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
mRunOnce: [Browsersafeguard-rockettab-ptn Data Uninstall] cmd /C rd /Q /S "C:\Program Files (x86)\Browsersafeguard"
mRunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
mRunOnce: [iWinArcadeIECleanup] C:\Users\Owner\AppData\Local\Temp\iWinArcadeAutocleanup.bat
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MemTurbo.lnk - C:\Program Files (x86)\MemTurbo 4\MemTurbo.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SEVERE~2.LNK - C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SEVERE~1.LNK - C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{5BE19D4E-A13B-4AD2-85A9-37073276EBF1} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{5BE19D4E-A13B-4AD2-85A9-37073276EBF1}\2656C6B696E6E2168343 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5BE19D4E-A13B-4AD2-85A9-37073276EBF1}\C6563686279637 : DHCPNameServer = 208.180.42.100 66.76.175.100 192.168.1.1
TCP: Interfaces\{5BE19D4E-A13B-4AD2-85A9-37073276EBF1}\C6563686279637D27657563747 : DHCPNameServer = 208.180.42.100 66.76.175.100 192.168.33.1
TCP: Interfaces\{856ED3C4-B8B5-470E-B3C2-641E5FDB459F} : DHCPNameServer = 72.169.224.119 72.169.224.120
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=  
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Plus-HD-6.0: {11111111-1111-1111-1111-110411901188} -
x64-BHO: SNT: {132DB882-94A1-0ADA-F7C1-50ED580B8D4A} - C:\Program Files (x86)\SNT\hVaukvyP.x64.dll
x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
x64-BHO: SNT: {23891829-6CC3-5F2D-45AF-B900AC6F55BC} - C:\Program Files (x86)\SNT\Dt.x64.dll
x64-BHO: greatsaver: {3081952F-C41E-22FD-DF42-A102BF3F8AEB} - C:\Program Files (x86)\greatsaver\MPaeEiVE.x64.dll
x64-BHO: SNT: {31D1A16F-F333-E235-F310-D299775DEE1E} - C:\Program Files (x86)\SNT\IiN.x64.dll
x64-BHO: gureaotsaver: {3E8C1711-505A-B1A0-C720-CAD48F18F80C} - C:\Program Files (x86)\gureaotsaver\QRfoEH.x64.dll
x64-BHO: greAtsaver: {434CA757-6948-71B6-7F29-498FCB0BC1ED} - C:\Program Files (x86)\greAtsaver\qm6ddr.x64.dll
x64-BHO: SNT: {4BF0B43F-A79A-4904-A995-8839FE5E6E8A} - C:\Program Files (x86)\SNT\Ne.x64.dll
x64-BHO: gReattsaver: {73C7B4D7-144F-E562-9980-33EC03DA47A1} - C:\Program Files (x86)\gReattsaver\2udPiUC.x64.dll
x64-BHO: SNT: {7B01E027-A52B-46F8-1D1D-862F92CD0292} - C:\Program Files (x86)\SNT\qg_rM_OYS.x64.dll
x64-BHO: greaatsiaver: {83284F6E-A91F-9171-1023-EF2512ACB0A4} - C:\Program Files (x86)\greaatsiaver\YCCemZTi.x64.dll
x64-BHO: SNT: {89F55955-E79D-D045-820F-549F6CE93DFA} - C:\Program Files (x86)\SNT\ZNU.x64.dll
x64-BHO: SNT: {8E7129B5-2E7B-EF1B-8D0D-88392BF2B524} - C:\Program Files (x86)\SNT\FM.x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: SNT: {9101CE01-9A1F-2970-066E-C7B55C18791A} - C:\Program Files (x86)\SNT\uycft6j.x64.dll
x64-BHO: GrtSCouponApp: {99C84C03-6F81-7103-9E42-C7009D97F57A} -
x64-BHO: greatSuavEr: {A50C77E4-8BBD-ED33-DD87-BF999035C521} - C:\Program Files (x86)\greatSuavEr\xz4SoN1Rf8.x64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: SNT: {B90351CB-1AD0-EF9F-F630-E576305D763D} - C:\Program Files (x86)\SNT\rX5O.x64.dll
x64-BHO: greatesavver: {BFEF3859-E505-FCB1-2065-B998AA687C8D} - C:\Program Files (x86)\greatesavver\W1.x64.dll
x64-BHO: SNT: {C4E292BF-BB82-B155-FB97-774D186938AD} - C:\Program Files (x86)\SNT\j.x64.dll
x64-BHO: Greattsavero: {C90FA314-3883-0422-4A58-665A872B0E62} - C:\Program Files (x86)\Greattsavero\PEzMF4Z.x64.dll
x64-BHO: SNT: {D94DEA5E-5089-F581-82BB-E2ED096A7228} - C:\Program Files (x86)\SNT\A.x64.dll
x64-BHO: greatsaavverr: {D97EFE9C-51C5-3A90-4936-1CBC21D304BC} - C:\Program Files (x86)\greatsaavverr\pvAjLBu.x64.dll
x64-BHO: GrtSCouponApp: {F11E9BB8-72BA-8ED3-42F1-9F3BEBCC1151} - C:\Program Files (x86)\GrtSCouponApp\_pWW.x64.dll
x64-BHO: greatssaveuR: {F1E872E5-EB88-210A-DA05-CB34DBD2B9DB} - C:\Program Files (x86)\greatssaveuR\4uWXVq5I.x64.dll
x64-BHO: GrieaaTsaver: {F6679FB1-87A4-A5B0-C097-3694E41D3A73} - C:\Program Files (x86)\GrieaaTsaver\ZvBjPDsq5R.x64.dll
x64-BHO: GrtSCouponApp: {F74D3294-8134-00A7-3764-A73DF094497B} - C:\Program Files (x86)\GrtSCouponApp\mh64dMb2Vm.x64.dll
x64-BHO: GreAetsauverr: {F7A7917F-01A7-0803-D2EE-FAE27426925B} - C:\Program Files (x86)\GreAetsauverr\Fyy.x64.dll
x64-BHO: SNT: {F88FE963-3348-5FF9-702F-0C5B34A31E89} - C:\Program Files (x86)\SNT\wsy.x64.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.toolksearchbook.info/?pid=1273&r=2014/01/23&hid=12947177451227183461&lg=EN&cc=US&unqvl=46&l=1&q=
FF - prefs.js: browser.search.selectedEngine - Mysearchdial
FF - prefs.js: browser.startup.homepage - hxxp://start.mysearchdial.com/?f=1&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN38088628244344281&UM=2&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
FF - ExtSQL: !HIDDEN! 2011-12-18 18:52; {EB132DB0-A4CA-11DF-9732-0E29E0D72085}; C:\Program Files (x86)\Object\facetheme
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=&q=
FF - user.js: extensions.mysearchdial.id - C417FE0FF0FFDFEA
FF - user.js: extensions.mysearchdial.instlDay - 16101
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.019:9:30
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - irmsd0103
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 2125938809
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R
FF - user.js: extensions.mysearchdial.AL - 2
FF - user.js: extensions.irmysearch.aflt - irmsd0103
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 2125938809
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R
.
============= SERVICES / DRIVERS ===============
.
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-11-5 58880]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-2-4 34872]
S1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
S1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-11-5 203264]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
S2 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2011-2-8 35840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-11-5 844320]
S2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-4-15 1809720]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-4-15 857912]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?]
S2 MgAssistService;MgAssist Service;C:\Program Files (x86)\Mobogenie\MgAssist.exe [2014-1-22 63168]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
S2 spdfrmon;spdfrmon; [x]
S2 Update Browsebeyond;Update Browsebeyond;C:\Program Files (x86)\Browsebeyond\updateBrowsebeyond.exe [2014-1-10 103200]
S2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-11-5 240160]
S2 Util Browsebeyond;Util Browsebeyond;"C:\Program Files (x86)\Browsebeyond\bin\utilBrowsebeyond.exe" --> C:\Program Files (x86)\Browsebeyond\bin\utilBrowsebeyond.exe [?]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-6-6 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-1-31 111616]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter_hs.sys [2012-11-11 18456]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-4-15 88280]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-4-15 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-4-15 63192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
S3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\Windows\System32\drivers\NwUsbCdFil64.sys [2009-12-18 25600]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;C:\Windows\System32\drivers\nwusbser2.sys [2009-12-18 213376]
S3 PTUMWBus;PANTECH USB Modem V2 Composite Device Driver;C:\Windows\System32\drivers\PTUMWBus.sys [2011-2-8 71056]
S3 PTUMWCDF;PANTECH USB Modem V2 Installation CD;C:\Windows\System32\drivers\PTUMWCDF.sys [2011-2-8 24976]
S3 PTUMWFLT;PTUMWNET Filter Driver;C:\Windows\System32\drivers\PTUMWFLT.sys [2011-2-8 12688]
S3 PTUMWMdm;PANTECH USB Modem V2 Modem Driver;C:\Windows\System32\drivers\PTUMWMdm.sys [2011-2-8 173456]
S3 PTUMWNET;PANTECH USB Modem V2 WWAN Driver;C:\Windows\System32\drivers\PTUMWNET.sys [2011-2-8 144912]
S3 PTUMWVsp;PANTECH USB Modem V2 Diagnostic Port;C:\Windows\System32\drivers\PTUMWVsp.sys [2011-2-8 173456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-11-5 225824]
S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-5-25 43032]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-30 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-24 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-04-18 17:33:01    --------    d-----w-    C:\FRST
2014-04-18 08:20:10    --------    d-----w-    C:\Program Files (x86)\UTuberAdBlocker
2014-04-18 07:42:10    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DCF19D8F-2C82-496C-8716-07B596610DC0}\offreg.dll
2014-04-18 07:40:15    10651704    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DCF19D8F-2C82-496C-8716-07B596610DC0}\mpengine.dll
2014-04-18 07:05:12    --------    d-----w-    C:\Program Files (x86)\VS Revo Group
2014-04-15 16:17:30    119512    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-04-15 16:17:06    88280    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-04-15 16:17:06    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-04-15 15:29:38    --------    d-----w-    C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-04-15 14:34:21    119512    ----a-w-    C:\Windows\System32\drivers\48230029.sys
2014-04-15 14:29:53    --------    d-----w-    C:\ProgramData\AVAST Software
2014-04-15 14:26:24    63192    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-04-15 14:26:23    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-04-15 14:26:23    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-15 14:16:48    --------    d-----w-    C:\Windows\System32\wbem\repository
.
==================== Find3M  ====================
.
2014-04-18 06:53:37    49952    ----a-w-    C:\Windows\System32\drivers\avgtpx64.sys
2014-03-31 13:35:08    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-02-05 00:17:24    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 00:17:24    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-30 17:10:28    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-01-30 17:10:28    194048    ----a-w-    C:\Windows\SysWow64\elshyph.dll
.
============= FINISH:  1:28:53.15 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 22 April 2014 - 05:07 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Please reboot into safe mode with networking.

 

 

 

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 rbrtcarp

rbrtcarp
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 22 April 2014 - 01:53 PM

ComboFix 14-04-20.01 - Owner 04/22/2014  16:19:51.1.1 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2812.1810 [GMT -4:00]
Running from: C:\Users\Owner\Downloads\ComboFix.exe
 * Created a new restore point


(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))


C:\END
C:\Program Files (x86)\greattsaver
C:\Program Files (x86)\greattsaver\2udPiUC.tlb
C:\Program Files (x86)\greattsaver\2udPiUC.x64.dll
C:\Program Files (x86)\YoutubeAdblocker
C:\ProgramData\hpe3CF5.dll
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\EWZvVBSSKf32.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\beK6.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\sE_.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\h0fN79h9.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\Z2r7BM.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\BxFLfACXmXd.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\XwZBm.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\XHdDCvcLuC.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\OIoeEHYnfXxP.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\hUCyg_Ltr.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\VewjYqErKQ.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\Odf88vkAe.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\e0m.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\fVX26RGDbi4.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\icon48.png
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\tz5vWxmgC7Ok.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\vWtdYQ.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\UnVCKx3hC.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\pf28hJ.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\KRNWzypNw.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\Dqbq.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\pDaKDVrx.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\M1Uvdjoid9.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\aqgbLjU4B1o9.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\wC88a.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\CGdBx.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\J66u.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\HhDFt7C.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\sKBH9.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\zKVy6ydNVz.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\min.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\newtab.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\Z47o.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\background.html
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\lsdb.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\manifest.json
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\nDmh.js
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\EWZvVBSSKf32.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\beK6.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\sE_.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\h0fN79h9.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\Z2r7BM.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\BxFLfACXmXd.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boidnimkebefpfgbeekbjoponilnomle\232\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokafkbjfbpcanldbnefjadpmlcljmbc\1.0\XwZBm.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\XHdDCvcLuC.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\OIoeEHYnfXxP.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\hUCyg_Ltr.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\VewjYqErKQ.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\Odf88vkAe.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\e0m.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\fVX26RGDbi4.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\icon48.png
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\emchmmggfifciekogefmamecbiekpdko\1.1\tz5vWxmgC7Ok.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\vWtdYQ.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\UnVCKx3hC.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\pf28hJ.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\KRNWzypNw.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\Dqbq.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\pDaKDVrx.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\M1Uvdjoid9.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\aqgbLjU4B1o9.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\wC88a.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\CGdBx.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\J66u.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchakjlpgiohabillkdnalpkcdklekcj\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\HhDFt7C.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\sKBH9.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\zKVy6ydNVz.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\min.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\newtab.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\Z47o.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\background.html
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\content.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\lsdb.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\manifest.json
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\nDmh.js
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fcdpihjpncikmjengigheocmceffcgoo_0
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fcdpihjpncikmjengigheocmceffcgoo_0\1
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jhodopgnkbcmfgggehanaepcofglnboh_0
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jhodopgnkbcmfgggehanaepcofglnboh_0\2
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\EWZvVBSSKf32.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afcjfbhpiajgffgofpcjboldmfnhabek\3.18\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\beK6.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\afngoindiakmbaieolpjekhicbhihdcp\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjnbdajilhpbbjpllmecbgklpefbmjg\3.18\sE_.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\h0fN79h9.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcdhflljocjhanijkaekebogedillhn\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnjikmkpmkphcdgcakaliaeppidpgmj\2.1\Z2r7BM.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabllodmihocpcifponbpmcklgnfekdg\2.7\XHdDCvcLuC.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnephepohmpapomlffhdcngdnghjdhm\2.7\OIoeEHYnfXxP.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\hUCyg_Ltr.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpjcjaeoejajdogfikcmcjpnapiagdch\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\deelljpkfbmabcephfdgcplighdgkgep\2.1\VewjYqErKQ.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaeffeaehmhnjngknoakhekilhlonii\2.7\Odf88vkAe.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\e0m.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmdankfmflhmobjmpopkcbkgmlfgpcpl\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\fVX26RGDbi4.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppjdkpegkckefjedghhllmajfpghpon\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\crossriderManifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\manifest.xml
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\1_base.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\102_dealply_m.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\104_jollywallet_m.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\119_similar_web_m.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\13_CrossriderAppUtils.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\14_CrossriderUtils.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\17_jQuery.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\177_crossriderDashboard.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\182_openUrl.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\183_tabsWrapper.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\19_CHAppAPIWrapper.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\207_dbWrapper.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\21_debug.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\22_resources.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\28_initializer.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\4_jquery_1_7_1.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\47_resources_background.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\64_appApiMessage.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\72_appApiValidation.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\78_CrossriderInfo.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\80_CHPopupAppAPI.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\91_monetizationLoader.js.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\93_superfish_no_coupons_m.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\plugins\97_resourceApiWrapper.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\userCode\background.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\extensionData\userCode\extension.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\icons\actions\1.png
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\icons\icon128.png
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\icons\icon16.png
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\icons\icon48.png
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\api\chrome.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\api\cookie.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\api\message.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\api\monitor.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\api\pageAction.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\api\pageActionBG.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\background.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\app_api.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\bg_app_api.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\consts.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\cookie_store.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\crossriderAPI.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\delegate.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\events.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\extensionDataStore.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\installer.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\logFile.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\logging.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\onBGDocumentLoad.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\popupResource\newPopup.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\popupResource\popup.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\reports.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\storageWrapper.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\updateManager.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\util.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\lib\xhr.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\main.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\js\platformVersion.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdpihjpncikmjengigheocmceffcgoo\1.26.15_0\popup.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\2.1\vWtdYQ.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\foecfkdjoicikfcobmngkbplkbiekamk\2.7\UnVCKx3hC.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gigplfcifblkocipjocfepccneepjklc\3.18\pf28hJ.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\KRNWzypNw.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gliiplfbeljpabjchpfhiggmglnbcgbi\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\Dqbq.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblgnmkpejclnaogfnieebfpfjiiboed\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilghcapnieldhmncgkmibckmiphfbjep\2.7\pDaKDVrx.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\M1Uvdjoid9.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmodjmhjhdibghpocaifehaflbdppba\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\aqgbLjU4B1o9.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilngbhgdmopmiijgoapnbcookldhhjfk\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jglldfgikfphgehmlkcfhfegnmchbbgl\2.1\wC88a.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\chromeCoreFilesIndex.txt
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\crossriderManifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\extensionData\manifest.xml
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\extensionData\plugins.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\extensionData\userCode\extension.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\icons\actions\1.png
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\icons\icon128.png
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\icons\icon16.png
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\icons\icon48.png
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\js\background.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\js\lib\cookie_store.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\js\lib\crossriderAPI.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\js\lib\popupResource\popup.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\js\lib\updateManager.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\js\lib\util.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\js\main.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhodopgnkbcmfgggehanaepcofglnboh\16688.3243.8997_0\popup.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\CGdBx.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knncpfjcocceioedicmfbmkneadoifmb\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\HhDFt7C.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldngfcchlfifkfacckoihdgpbapdgnkg\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmccfpcfdecbnnaghibdbkmbohlnhgk\2.1\sKBH9.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\llecgbjbklilbgedamgejlmbomfgmlbc\2.7\zKVy6ydNVz.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\min.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepgkknleclaaegbkobamdlcecpnmggn\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjhopnnbdhnmmecalekkjjiilhcjilk\2.1\Z47o.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\background.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\content.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\lsdb.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\manifest.json
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\nDmh.js
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonlaehhcnaobnifgogbmlbfloekokkg\2.1\newtab.html
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afngoindiakmbaieolpjekhicbhihdcp
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afngoindiakmbaieolpjekhicbhihdcp\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afngoindiakmbaieolpjekhicbhihdcp\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afngoindiakmbaieolpjekhicbhihdcp\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afngoindiakmbaieolpjekhicbhihdcp\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afngoindiakmbaieolpjekhicbhihdcp\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afngoindiakmbaieolpjekhicbhihdcp\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afngoindiakmbaieolpjekhicbhihdcp\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfcdhflljocjhanijkaekebogedillhn
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfcdhflljocjhanijkaekebogedillhn\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfcdhflljocjhanijkaekebogedillhn\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfcdhflljocjhanijkaekebogedillhn\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfcdhflljocjhanijkaekebogedillhn\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfcdhflljocjhanijkaekebogedillhn\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfcdhflljocjhanijkaekebogedillhn\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfcdhflljocjhanijkaekebogedillhn\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnjikmkpmkphcdgcakaliaeppidpgmj
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnjikmkpmkphcdgcakaliaeppidpgmj\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnjikmkpmkphcdgcakaliaeppidpgmj\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnjikmkpmkphcdgcakaliaeppidpgmj\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnjikmkpmkphcdgcakaliaeppidpgmj\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnjikmkpmkphcdgcakaliaeppidpgmj\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnjikmkpmkphcdgcakaliaeppidpgmj\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnjikmkpmkphcdgcakaliaeppidpgmj\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cabllodmihocpcifponbpmcklgnfekdg
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cabllodmihocpcifponbpmcklgnfekdg\000003.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cabllodmihocpcifponbpmcklgnfekdg\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cabllodmihocpcifponbpmcklgnfekdg\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cabllodmihocpcifponbpmcklgnfekdg\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cabllodmihocpcifponbpmcklgnfekdg\MANIFEST-000002
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnephepohmpapomlffhdcngdnghjdhm
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnephepohmpapomlffhdcngdnghjdhm\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnephepohmpapomlffhdcngdnghjdhm\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnephepohmpapomlffhdcngdnghjdhm\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnephepohmpapomlffhdcngdnghjdhm\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnephepohmpapomlffhdcngdnghjdhm\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnephepohmpapomlffhdcngdnghjdhm\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cbnephepohmpapomlffhdcngdnghjdhm\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpjcjaeoejajdogfikcmcjpnapiagdch
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpjcjaeoejajdogfikcmcjpnapiagdch\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpjcjaeoejajdogfikcmcjpnapiagdch\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpjcjaeoejajdogfikcmcjpnapiagdch\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpjcjaeoejajdogfikcmcjpnapiagdch\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpjcjaeoejajdogfikcmcjpnapiagdch\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpjcjaeoejajdogfikcmcjpnapiagdch\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpjcjaeoejajdogfikcmcjpnapiagdch\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deelljpkfbmabcephfdgcplighdgkgep
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deelljpkfbmabcephfdgcplighdgkgep\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deelljpkfbmabcephfdgcplighdgkgep\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deelljpkfbmabcephfdgcplighdgkgep\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deelljpkfbmabcephfdgcplighdgkgep\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deelljpkfbmabcephfdgcplighdgkgep\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deelljpkfbmabcephfdgcplighdgkgep\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deelljpkfbmabcephfdgcplighdgkgep\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfaeffeaehmhnjngknoakhekilhlonii
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfaeffeaehmhnjngknoakhekilhlonii\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfaeffeaehmhnjngknoakhekilhlonii\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfaeffeaehmhnjngknoakhekilhlonii\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfaeffeaehmhnjngknoakhekilhlonii\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfaeffeaehmhnjngknoakhekilhlonii\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfaeffeaehmhnjngknoakhekilhlonii\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfaeffeaehmhnjngknoakhekilhlonii\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmdankfmflhmobjmpopkcbkgmlfgpcpl
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmdankfmflhmobjmpopkcbkgmlfgpcpl\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmdankfmflhmobjmpopkcbkgmlfgpcpl\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmdankfmflhmobjmpopkcbkgmlfgpcpl\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmdankfmflhmobjmpopkcbkgmlfgpcpl\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmdankfmflhmobjmpopkcbkgmlfgpcpl\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmdankfmflhmobjmpopkcbkgmlfgpcpl\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmdankfmflhmobjmpopkcbkgmlfgpcpl\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dppjdkpegkckefjedghhllmajfpghpon
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dppjdkpegkckefjedghhllmajfpghpon\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dppjdkpegkckefjedghhllmajfpghpon\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dppjdkpegkckefjedghhllmajfpghpon\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dppjdkpegkckefjedghhllmajfpghpon\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dppjdkpegkckefjedghhllmajfpghpon\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dppjdkpegkckefjedghhllmajfpghpon\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dppjdkpegkckefjedghhllmajfpghpon\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcdpihjpncikmjengigheocmceffcgoo
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcdpihjpncikmjengigheocmceffcgoo\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcdpihjpncikmjengigheocmceffcgoo\000008.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcdpihjpncikmjengigheocmceffcgoo\000009.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcdpihjpncikmjengigheocmceffcgoo\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcdpihjpncikmjengigheocmceffcgoo\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcdpihjpncikmjengigheocmceffcgoo\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcdpihjpncikmjengigheocmceffcgoo\MANIFEST-000007
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fgjnlhfbbmkfajcbchoaanjhabbmmbnl
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\000003.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fgjnlhfbbmkfajcbchoaanjhabbmmbnl\MANIFEST-000002
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\foecfkdjoicikfcobmngkbplkbiekamk
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\foecfkdjoicikfcobmngkbplkbiekamk\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\foecfkdjoicikfcobmngkbplkbiekamk\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\foecfkdjoicikfcobmngkbplkbiekamk\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\foecfkdjoicikfcobmngkbplkbiekamk\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\foecfkdjoicikfcobmngkbplkbiekamk\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\foecfkdjoicikfcobmngkbplkbiekamk\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\foecfkdjoicikfcobmngkbplkbiekamk\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gliiplfbeljpabjchpfhiggmglnbcgbi
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gliiplfbeljpabjchpfhiggmglnbcgbi\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gliiplfbeljpabjchpfhiggmglnbcgbi\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gliiplfbeljpabjchpfhiggmglnbcgbi\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gliiplfbeljpabjchpfhiggmglnbcgbi\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gliiplfbeljpabjchpfhiggmglnbcgbi\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gliiplfbeljpabjchpfhiggmglnbcgbi\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gliiplfbeljpabjchpfhiggmglnbcgbi\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iblgnmkpejclnaogfnieebfpfjiiboed
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iblgnmkpejclnaogfnieebfpfjiiboed\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iblgnmkpejclnaogfnieebfpfjiiboed\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iblgnmkpejclnaogfnieebfpfjiiboed\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iblgnmkpejclnaogfnieebfpfjiiboed\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iblgnmkpejclnaogfnieebfpfjiiboed\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iblgnmkpejclnaogfnieebfpfjiiboed\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iblgnmkpejclnaogfnieebfpfjiiboed\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilghcapnieldhmncgkmibckmiphfbjep
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilghcapnieldhmncgkmibckmiphfbjep\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilghcapnieldhmncgkmibckmiphfbjep\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilghcapnieldhmncgkmibckmiphfbjep\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilghcapnieldhmncgkmibckmiphfbjep\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilghcapnieldhmncgkmibckmiphfbjep\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilghcapnieldhmncgkmibckmiphfbjep\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilghcapnieldhmncgkmibckmiphfbjep\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilmodjmhjhdibghpocaifehaflbdppba
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilmodjmhjhdibghpocaifehaflbdppba\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilmodjmhjhdibghpocaifehaflbdppba\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilmodjmhjhdibghpocaifehaflbdppba\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilmodjmhjhdibghpocaifehaflbdppba\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilmodjmhjhdibghpocaifehaflbdppba\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilmodjmhjhdibghpocaifehaflbdppba\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilmodjmhjhdibghpocaifehaflbdppba\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilngbhgdmopmiijgoapnbcookldhhjfk
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilngbhgdmopmiijgoapnbcookldhhjfk\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilngbhgdmopmiijgoapnbcookldhhjfk\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilngbhgdmopmiijgoapnbcookldhhjfk\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilngbhgdmopmiijgoapnbcookldhhjfk\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilngbhgdmopmiijgoapnbcookldhhjfk\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilngbhgdmopmiijgoapnbcookldhhjfk\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilngbhgdmopmiijgoapnbcookldhhjfk\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jglldfgikfphgehmlkcfhfegnmchbbgl
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jglldfgikfphgehmlkcfhfegnmchbbgl\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jglldfgikfphgehmlkcfhfegnmchbbgl\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jglldfgikfphgehmlkcfhfegnmchbbgl\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jglldfgikfphgehmlkcfhfegnmchbbgl\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jglldfgikfphgehmlkcfhfegnmchbbgl\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jglldfgikfphgehmlkcfhfegnmchbbgl\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jglldfgikfphgehmlkcfhfegnmchbbgl\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhodopgnkbcmfgggehanaepcofglnboh
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhodopgnkbcmfgggehanaepcofglnboh\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhodopgnkbcmfgggehanaepcofglnboh\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhodopgnkbcmfgggehanaepcofglnboh\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhodopgnkbcmfgggehanaepcofglnboh\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhodopgnkbcmfgggehanaepcofglnboh\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhodopgnkbcmfgggehanaepcofglnboh\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\knncpfjcocceioedicmfbmkneadoifmb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\knncpfjcocceioedicmfbmkneadoifmb\000003.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\knncpfjcocceioedicmfbmkneadoifmb\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\knncpfjcocceioedicmfbmkneadoifmb\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\knncpfjcocceioedicmfbmkneadoifmb\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\knncpfjcocceioedicmfbmkneadoifmb\MANIFEST-000002
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ldngfcchlfifkfacckoihdgpbapdgnkg
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ldngfcchlfifkfacckoihdgpbapdgnkg\000003.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ldngfcchlfifkfacckoihdgpbapdgnkg\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ldngfcchlfifkfacckoihdgpbapdgnkg\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ldngfcchlfifkfacckoihdgpbapdgnkg\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ldngfcchlfifkfacckoihdgpbapdgnkg\MANIFEST-000002
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lfmccfpcfdecbnnaghibdbkmbohlnhgk
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lfmccfpcfdecbnnaghibdbkmbohlnhgk\000003.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lfmccfpcfdecbnnaghibdbkmbohlnhgk\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lfmccfpcfdecbnnaghibdbkmbohlnhgk\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lfmccfpcfdecbnnaghibdbkmbohlnhgk\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lfmccfpcfdecbnnaghibdbkmbohlnhgk\MANIFEST-000002
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\llecgbjbklilbgedamgejlmbomfgmlbc
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\llecgbjbklilbgedamgejlmbomfgmlbc\000003.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\llecgbjbklilbgedamgejlmbomfgmlbc\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\llecgbjbklilbgedamgejlmbomfgmlbc\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\llecgbjbklilbgedamgejlmbomfgmlbc\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\llecgbjbklilbgedamgejlmbomfgmlbc\MANIFEST-000002
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mepgkknleclaaegbkobamdlcecpnmggn
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mepgkknleclaaegbkobamdlcecpnmggn\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mepgkknleclaaegbkobamdlcecpnmggn\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mepgkknleclaaegbkobamdlcecpnmggn\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mepgkknleclaaegbkobamdlcecpnmggn\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mepgkknleclaaegbkobamdlcecpnmggn\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mepgkknleclaaegbkobamdlcecpnmggn\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mepgkknleclaaegbkobamdlcecpnmggn\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ncjhopnnbdhnmmecalekkjjiilhcjilk
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ncjhopnnbdhnmmecalekkjjiilhcjilk\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ncjhopnnbdhnmmecalekkjjiilhcjilk\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ncjhopnnbdhnmmecalekkjjiilhcjilk\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ncjhopnnbdhnmmecalekkjjiilhcjilk\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ncjhopnnbdhnmmecalekkjjiilhcjilk\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ncjhopnnbdhnmmecalekkjjiilhcjilk\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ncjhopnnbdhnmmecalekkjjiilhcjilk\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nonlaehhcnaobnifgogbmlbfloekokkg
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nonlaehhcnaobnifgogbmlbfloekokkg\000005.ldb
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nonlaehhcnaobnifgogbmlbfloekokkg\000006.log
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nonlaehhcnaobnifgogbmlbfloekokkg\CURRENT
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nonlaehhcnaobnifgogbmlbfloekokkg\LOCK
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nonlaehhcnaobnifgogbmlbfloekokkg\LOG
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nonlaehhcnaobnifgogbmlbfloekokkg\LOG.old
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nonlaehhcnaobnifgogbmlbfloekokkg\MANIFEST-000004
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_afcjfbhpiajgffgofpcjboldmfnhabek_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_afcjfbhpiajgffgofpcjboldmfnhabek_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_afngoindiakmbaieolpjekhicbhihdcp_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_afngoindiakmbaieolpjekhicbhihdcp_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_akjnbdajilhpbbjpllmecbgklpefbmjg_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_akjnbdajilhpbbjpllmecbgklpefbmjg_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bfcdhflljocjhanijkaekebogedillhn_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bfcdhflljocjhanijkaekebogedillhn_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmnjikmkpmkphcdgcakaliaeppidpgmj_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmnjikmkpmkphcdgcakaliaeppidpgmj_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cabllodmihocpcifponbpmcklgnfekdg_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cabllodmihocpcifponbpmcklgnfekdg_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cbnephepohmpapomlffhdcngdnghjdhm_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cbnephepohmpapomlffhdcngdnghjdhm_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpjcjaeoejajdogfikcmcjpnapiagdch_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpjcjaeoejajdogfikcmcjpnapiagdch_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deelljpkfbmabcephfdgcplighdgkgep_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deelljpkfbmabcephfdgcplighdgkgep_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfaeffeaehmhnjngknoakhekilhlonii_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfaeffeaehmhnjngknoakhekilhlonii_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dmdankfmflhmobjmpopkcbkgmlfgpcpl_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dmdankfmflhmobjmpopkcbkgmlfgpcpl_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dppjdkpegkckefjedghhllmajfpghpon_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dppjdkpegkckefjedghhllmajfpghpon_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcdpihjpncikmjengigheocmceffcgoo_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcdpihjpncikmjengigheocmceffcgoo_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fgjnlhfbbmkfajcbchoaanjhabbmmbnl_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fgjnlhfbbmkfajcbchoaanjhabbmmbnl_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_foecfkdjoicikfcobmngkbplkbiekamk_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_foecfkdjoicikfcobmngkbplkbiekamk_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gigplfcifblkocipjocfepccneepjklc_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gigplfcifblkocipjocfepccneepjklc_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gliiplfbeljpabjchpfhiggmglnbcgbi_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gliiplfbeljpabjchpfhiggmglnbcgbi_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iblgnmkpejclnaogfnieebfpfjiiboed_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iblgnmkpejclnaogfnieebfpfjiiboed_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ilghcapnieldhmncgkmibckmiphfbjep_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ilghcapnieldhmncgkmibckmiphfbjep_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ilmodjmhjhdibghpocaifehaflbdppba_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ilmodjmhjhdibghpocaifehaflbdppba_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ilngbhgdmopmiijgoapnbcookldhhjfk_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ilngbhgdmopmiijgoapnbcookldhhjfk_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jglldfgikfphgehmlkcfhfegnmchbbgl_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jglldfgikfphgehmlkcfhfegnmchbbgl_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jhodopgnkbcmfgggehanaepcofglnboh_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jhodopgnkbcmfgggehanaepcofglnboh_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_knncpfjcocceioedicmfbmkneadoifmb_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_knncpfjcocceioedicmfbmkneadoifmb_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ldngfcchlfifkfacckoihdgpbapdgnkg_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ldngfcchlfifkfacckoihdgpbapdgnkg_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmccfpcfdecbnnaghibdbkmbohlnhgk_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmccfpcfdecbnnaghibdbkmbohlnhgk_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llecgbjbklilbgedamgejlmbomfgmlbc_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llecgbjbklilbgedamgejlmbomfgmlbc_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mepgkknleclaaegbkobamdlcecpnmggn_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mepgkknleclaaegbkobamdlcecpnmggn_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ncjhopnnbdhnmmecalekkjjiilhcjilk_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ncjhopnnbdhnmmecalekkjjiilhcjilk_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonlaehhcnaobnifgogbmlbfloekokkg_0.localstorage-journal
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonlaehhcnaobnifgogbmlbfloekokkg_0.localstorage
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\{54BA300E-8BB5-4898-B67A-6C40B324B3BB}.xps
C:\Users\Owner\AppData\Local\Temp\Temp1_Next VW contri.zip
C:\Users\Owner\AppData\Local\Temp\Temp1_Next VW contri.zip\DSC00153 .exe
C:\Users\Owner\AppData\Local\Temp\Temp1_Next VW contri.zip\DSC00153.jpg
C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\asyncDB.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\background.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\browserAction.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\contextMenu.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\dbManager.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\dom_bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\fileManager.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\firefox.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\firefoxNotifications.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\firefoxOmnibox.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\message.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\pageAction.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\request.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\tabs.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\webRequest.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\api\windowsMessagingHandler.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\background.html
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\baseObject.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\browser.xul
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\addressBarChangeObserver.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\console.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\consts.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\delegate.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\extensionDataStore.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\folderIOWrapper.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\httpObserver.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\IDBWrapper.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\installer.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\logFile.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\prefs.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\progressListenerObserver.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\registry.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\reloadObserver.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\reports.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\requestObject.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\searchSettings.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\uninstallObserver.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\updateManager.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\utils.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\core\xhr.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\dialog.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\ffCoreFilesIndex.txt
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\main.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\options.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\options.xul
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\platformVersion.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\chrome\content\search_dialog.xul
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\defaults\preferences\prefs.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\manifest.xml
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins.json
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\1.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\104.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\119.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\123.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\13.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\14.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\16.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\17.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\177.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\178.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\179.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\180.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\182.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\183.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\184.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\190.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\207.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\21.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\22.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\223.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\242.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\246.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\28.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\4.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\47.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\64.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\72.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\78.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\91.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\93.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\plugins\98.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\userCode\background.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\extensionData\userCode\extension.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\locale\en-US\translations.dtd
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\button1.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\button2.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\button3.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\button4.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\button5.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\crossrider_statusbar.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\icon128.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\icon16.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\icon24.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\icon48.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\panelarrow-up.png
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\popup.html
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\skin.css
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\4c352a1d-b9fe-40b6-a6ea-90db83f88c30@633ce670-2c0e-4b80-8905-404ab6c333d1.com\skin\update.css
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aee7_e@hltekioioi.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aee7_e@hltekioioi.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aee7_e@hltekioioi.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aee7_e@hltekioioi.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aee7_e@hltekioioi.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aoieq@lqkyf.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aoieq@lqkyf.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aoieq@lqkyf.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aoieq@lqkyf.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\aoieq@lqkyf.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\bpd4ahx@c-jxx.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\bpd4ahx@c-jxx.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\bpd4ahx@c-jxx.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\bpd4ahx@c-jxx.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\bpd4ahx@c-jxx.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dtrh2pc@hmai.co.uk
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dtrh2pc@hmai.co.uk\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dtrh2pc@hmai.co.uk\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dtrh2pc@hmai.co.uk\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dtrh2pc@hmai.co.uk\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dyeuo3.tcl@eoieiiyeoaauy.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dyeuo3.tcl@eoieiiyeoaauy.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dyeuo3.tcl@eoieiiyeoaauy.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dyeuo3.tcl@eoieiiyeoaauy.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\dyeuo3.tcl@eoieiiyeoaauy.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ey97nsm@avhddie.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ey97nsm@avhddie.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ey97nsm@avhddie.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ey97nsm@avhddie.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ey97nsm@avhddie.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\gjke1oyyi@xcvmzoxiiiu.com
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\gjke1oyyi@xcvmzoxiiiu.com\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\gjke1oyyi@xcvmzoxiiiu.com\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\gjke1oyyi@xcvmzoxiiiu.com\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\gjke1oyyi@xcvmzoxiiiu.com\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\hgoo@vkb-.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\hgoo@vkb-.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\hgoo@vkb-.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\hgoo@vkb-.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\hgoo@vkb-.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\i-6hquvk@ltoioda-y.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\i-6hquvk@ltoioda-y.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\i-6hquvk@ltoioda-y.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\i-6hquvk@ltoioda-y.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\i-6hquvk@ltoioda-y.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ioo-tsmoe@jkct-ybgx.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ioo-tsmoe@jkct-ybgx.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ioo-tsmoe@jkct-ybgx.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ioo-tsmoe@jkct-ybgx.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ioo-tsmoe@jkct-ybgx.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\iuo17@ya-zh.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\iuo17@ya-zh.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\iuo17@ya-zh.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\iuo17@ya-zh.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\iuo17@ya-zh.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\jgkegssmdpo@eaoqmaaj.edu
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\jgkegssmdpo@eaoqmaaj.edu\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\jgkegssmdpo@eaoqmaaj.edu\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\jgkegssmdpo@eaoqmaaj.edu\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\jgkegssmdpo@eaoqmaaj.edu\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kevx7oi.lrqj@kxxbf-hvtcokzx.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kevx7oi.lrqj@kxxbf-hvtcokzx.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kevx7oi.lrqj@kxxbf-hvtcokzx.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kevx7oi.lrqj@kxxbf-hvtcokzx.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kevx7oi.lrqj@kxxbf-hvtcokzx.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kjwfh3ao@qze-heiue.co.uk
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kjwfh3ao@qze-heiue.co.uk\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kjwfh3ao@qze-heiue.co.uk\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kjwfh3ao@qze-heiue.co.uk\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kjwfh3ao@qze-heiue.co.uk\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kliya.7djc@uayaziexp.co.uk
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kliya.7djc@uayaziexp.co.uk\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kliya.7djc@uayaziexp.co.uk\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kliya.7djc@uayaziexp.co.uk\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\kliya.7djc@uayaziexp.co.uk\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\lkp1dqos@eeiedvgan.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\lkp1dqos@eeiedvgan.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\lkp1dqos@eeiedvgan.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\lkp1dqos@eeiedvgan.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\lkp1dqos@eeiedvgan.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\meeuua@qdklj.edu
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\meeuua@qdklj.edu\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\meeuua@qdklj.edu\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\meeuua@qdklj.edu\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\meeuua@qdklj.edu\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ocrwo@iyoiz.edu
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ocrwo@iyoiz.edu\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ocrwo@iyoiz.edu\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ocrwo@iyoiz.edu\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ocrwo@iyoiz.edu\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qabdrmqho@kpab-ar.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qabdrmqho@kpab-ar.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qabdrmqho@kpab-ar.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qabdrmqho@kpab-ar.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qabdrmqho@kpab-ar.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qd3mqo@bdcctfchovqk.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qd3mqo@bdcctfchovqk.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qd3mqo@bdcctfchovqk.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qd3mqo@bdcctfchovqk.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\qd3mqo@bdcctfchovqk.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\s885_fq7@yl-saaayy.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\s885_fq7@yl-saaayy.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\s885_fq7@yl-saaayy.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\s885_fq7@yl-saaayy.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\s885_fq7@yl-saaayy.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\tlhorbo@axj.edu
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\tlhorbo@axj.edu\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\tlhorbo@axj.edu\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\tlhorbo@axj.edu\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\tlhorbo@axj.edu\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uadrd7mb@gxxrmlbyu.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uadrd7mb@gxxrmlbyu.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uadrd7mb@gxxrmlbyu.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uadrd7mb@gxxrmlbyu.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uadrd7mb@gxxrmlbyu.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uouh@yneqhkk.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uouh@yneqhkk.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uouh@yneqhkk.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uouh@yneqhkk.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uouh@yneqhkk.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uyye_usfg@u-agsa.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uyye_usfg@u-agsa.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uyye_usfg@u-agsa.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uyye_usfg@u-agsa.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\uyye_usfg@u-agsa.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vf-7jpar@fzy-x.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vf-7jpar@fzy-x.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vf-7jpar@fzy-x.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vf-7jpar@fzy-x.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vf-7jpar@fzy-x.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vw_tqzu@siqm-ia.com
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vw_tqzu@siqm-ia.com\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vw_tqzu@siqm-ia.com\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vw_tqzu@siqm-ia.com\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\vw_tqzu@siqm-ia.com\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\xbxb6xbz@hswwj-eu.com
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\xbxb6xbz@hswwj-eu.com\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\xbxb6xbz@hswwj-eu.com\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\xbxb6xbz@hswwj-eu.com\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\xbxb6xbz@hswwj-eu.com\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\yeyvkky@tqvbttyooe.net
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\yeyvkky@tqvbttyooe.net\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\yeyvkky@tqvbttyooe.net\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\yeyvkky@tqvbttyooe.net\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\yeyvkky@tqvbttyooe.net\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\zdiiee@zgfac.org
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\zdiiee@zgfac.org\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\zdiiee@zgfac.org\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\zdiiee@zgfac.org\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\zdiiee@zgfac.org\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ztvh-l7f@yaeeiy-.com
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ztvh-l7f@yaeeiy-.com\bootstrap.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ztvh-l7f@yaeeiy-.com\chrome.manifest
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ztvh-l7f@yaeeiy-.com\content\bg.js
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\extensions\ztvh-l7f@yaeeiy-.com\install.rdf
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\searchplugins\bing-zugo.xml
C:\Users\Owner\AppData\Roaming\SearchProtect
C:\Windows\wininit.ini


(((((((((((((((((((((((((   Files Created from 2014-03-22 to 2014-04-22  )))))))))))))))))))))))))))))))


2014-04-22 20:38:21 . 2014-04-22 20:38:21    --------    d-----w-    C:\Users\Default\AppData\Local\temp
2014-04-22 06:00:38 . 2014-04-22 07:33:41    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-18 17:33:01 . 2014-04-18 17:36:22    --------    d-----w-    C:\FRST
2014-04-18 08:20:10 . 2014-04-18 08:20:10    --------    d-----w-    C:\Program Files (x86)\UTuberAdBlocker
2014-04-18 07:42:10 . 2014-04-22 20:26:15    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DCF19D8F-2C82-496C-8716-07B596610DC0}\offreg.dll
2014-04-18 07:40:15 . 2014-04-17 09:31:46    10651704    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DCF19D8F-2C82-496C-8716-07B596610DC0}\mpengine.dll
2014-04-18 07:05:12 . 2014-04-18 07:05:12    --------    d-----w-    C:\Program Files (x86)\VS Revo Group
2014-04-15 16:17:30 . 2014-04-22 07:31:35    119000    ----a-w-    C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 16:17:06 . 2014-04-18 18:03:08    91352    ----a-w-    C:\Windows\system32\drivers\mbamchameleon.sys
2014-04-15 16:17:06 . 2014-04-18 18:03:04    25816    ----a-w-    C:\Windows\system32\drivers\mbam.sys
2014-04-15 15:29:38 . 2014-04-15 15:29:38    --------    d-----w-    C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-04-15 14:34:21 . 2014-04-15 14:38:51    119512    ----a-w-    C:\Windows\system32\drivers\48230029.sys
2014-04-15 14:29:53 . 2014-04-15 14:29:54    --------    d-----w-    C:\ProgramData\AVAST Software
2014-04-15 14:26:24 . 2014-04-18 18:03:18    63704    ----a-w-    C:\Windows\system32\drivers\mwac.sys
2014-04-15 14:26:23 . 2014-04-22 07:29:49    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-15 14:26:23 . 2014-04-15 15:29:32    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-04-15 14:16:48 . 2014-04-22 19:59:01    --------    d-----w-    C:\Windows\system32\wbem\repository
.


((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-04-18 06:53:37 . 2012-08-30 17:08:45    49952    ----a-w-    C:\Windows\system32\drivers\avgtpx64.sys
2014-03-31 13:35:08 . 2010-05-15 17:26:08    270496    ------w-    C:\Windows\system32\MpSigStub.exe
2014-02-05 00:17:24 . 2012-06-02 19:12:42    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-05 00:17:24 . 2011-07-17 13:06:58    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 17:10:28 . 2014-01-30 17:10:28    940032    ----a-w-    C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-30 17:10:28 . 2014-01-30 17:10:28    194048    ----a-w-    C:\Windows\SysWow64\elshyph.dll
2014-01-30 17:09:58 . 2014-01-30 17:09:58    235008    ----a-w-    C:\Windows\system32\elshyph.dll
2014-01-30 17:09:58 . 2014-01-30 17:09:57    645120    ----a-w-    C:\Windows\SysWow64\jsIntl.dll
2014-01-30 17:09:57 . 2014-01-30 17:09:57    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-01-30 17:09:57 . 2014-01-30 17:09:57    182272    ----a-w-    C:\Windows\SysWow64\msls31.dll
2014-01-30 17:09:56 . 2014-01-30 17:09:56    34816    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-01-30 17:09:55 . 2014-01-30 17:09:55    62464    ----a-w-    C:\Windows\SysWow64\tdc.ocx
2014-01-30 17:09:55 . 2014-01-30 17:09:55    337408    ----a-w-    C:\Windows\SysWow64\html.iec
2014-01-30 17:09:55 . 2014-01-30 17:09:55    24576    ----a-w-    C:\Windows\SysWow64\licmgr10.dll
2014-01-30 17:09:54 . 2014-01-30 17:09:54    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-01-30 17:09:54 . 2014-01-30 17:09:54    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-01-30 17:09:54 . 2014-01-30 17:09:54    151552    ----a-w-    C:\Windows\SysWow64\iexpress.exe
2014-01-30 17:09:54 . 2014-01-30 17:09:54    139264    ----a-w-    C:\Windows\SysWow64\wextract.exe
2014-01-30 17:09:54 . 2014-01-30 17:09:54    1051136    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-01-30 17:09:50 . 2014-01-30 17:09:50    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-01-30 17:09:50 . 2014-01-30 17:09:50    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-01-30 17:09:50 . 2014-01-30 17:09:50    36352    ----a-w-    C:\Windows\SysWow64\imgutil.dll
2014-01-30 17:09:50 . 2014-01-30 17:09:50    13312    ----a-w-    C:\Windows\SysWow64\mshta.exe
2014-01-30 17:09:50 . 2014-01-30 17:09:50    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-01-30 17:09:49 . 2014-01-30 17:09:49    74240    ----a-w-    C:\Windows\SysWow64\SetIEInstalledDate.exe
2014-01-30 17:09:49 . 2014-01-30 17:09:49    48640    ----a-w-    C:\Windows\SysWow64\mshtmler.dll
2014-01-30 17:09:49 . 2014-01-30 17:09:49    111616    ----a-w-    C:\Windows\SysWow64\IEAdvpack.dll
2014-01-30 17:09:48 . 2014-01-30 17:09:48    86016    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2014-01-30 17:09:42 . 2014-01-30 17:09:39    942592    ----a-w-    C:\Windows\system32\jsIntl.dll
2014-01-30 17:09:37 . 2014-01-30 17:09:37    86016    ----a-w-    C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-30 17:09:36 . 2014-01-30 17:09:36    247808    ----a-w-    C:\Windows\system32\msls31.dll
2014-01-30 17:09:36 . 2014-01-30 17:09:36    195584    ----a-w-    C:\Windows\system32\msrating.dll
2014-01-30 17:09:35 . 2014-01-30 17:09:35    90112    ----a-w-    C:\Windows\system32\SetIEInstalledDate.exe
2014-01-30 17:09:35 . 2014-01-30 17:09:35    52224    ----a-w-    C:\Windows\system32\msfeedsbs.dll
2014-01-30 17:09:35 . 2014-01-30 17:09:35    13312    ----a-w-    C:\Windows\system32\msfeedssync.exe
2014-01-30 17:09:35 . 2014-01-30 17:09:35    131072    ----a-w-    C:\Windows\system32\IEAdvpack.dll
2014-01-30 17:09:34 . 2014-01-30 17:09:34    48640    ----a-w-    C:\Windows\system32\mshtmler.dll
2014-01-30 17:09:34 . 2014-01-30 17:09:34    105984    ----a-w-    C:\Windows\system32\iesysprep.dll
2014-01-30 17:09:33 . 2014-01-30 17:09:33    77312    ----a-w-    C:\Windows\system32\tdc.ocx
2014-01-30 17:09:32 . 2014-01-30 17:09:32    81408    ----a-w-    C:\Windows\system32\icardie.dll
2014-01-30 17:09:32 . 2014-01-30 17:09:32    616104    ----a-w-    C:\Windows\system32\ieapfltr.dat
2014-01-30 17:09:32 . 2014-01-30 17:09:32    453120    ----a-w-    C:\Windows\system32\dxtmsft.dll
2014-01-30 17:09:32 . 2014-01-30 17:09:32    413696    ----a-w-    C:\Windows\system32\html.iec
2014-01-30 17:09:32 . 2014-01-30 17:09:32    40448    ----a-w-    C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-30 17:09:32 . 2014-01-30 17:09:32    296960    ----a-w-    C:\Windows\system32\dxtrans.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:31    84992    ----a-w-    C:\Windows\system32\mshtmled.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:31    626176    ----a-w-    C:\Windows\system32\msfeeds.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:31    30208    ----a-w-    C:\Windows\system32\licmgr10.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:31    263376    ----a-w-    C:\Windows\system32\iedkcs32.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:31    243200    ----a-w-    C:\Windows\system32\webcheck.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:31    235520    ----a-w-    C:\Windows\system32\url.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:31    167424    ----a-w-    C:\Windows\system32\iexpress.exe
2014-01-30 17:09:31 . 2014-01-30 17:09:31    143872    ----a-w-    C:\Windows\system32\wextract.exe
2014-01-30 17:09:31 . 2014-01-30 17:09:31    1228800    ----a-w-    C:\Windows\system32\mshtmlmedia.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:31    101376    ----a-w-    C:\Windows\system32\inseng.dll
2014-01-30 17:09:31 . 2014-01-30 17:09:30    548352    ----a-w-    C:\Windows\system32\vbscript.dll
2014-01-30 17:09:27 . 2014-01-30 17:09:27    62464    ----a-w-    C:\Windows\system32\pngfilt.dll
2014-01-30 17:09:27 . 2014-01-30 17:09:27    147968    ----a-w-    C:\Windows\system32\occache.dll
2014-01-30 17:09:26 . 2014-01-30 17:09:26    83968    ----a-w-    C:\Windows\system32\MshtmlDac.dll
2014-01-30 17:09:26 . 2014-01-30 17:09:26    774144    ----a-w-    C:\Windows\system32\jscript.dll
2014-01-30 17:09:26 . 2014-01-30 17:09:26    48128    ----a-w-    C:\Windows\system32\imgutil.dll
2014-01-30 17:09:26 . 2014-01-30 17:09:26    13824    ----a-w-    C:\Windows\system32\mshta.exe
2014-01-30 17:09:26 . 2014-01-30 17:09:26    135680    ----a-w-    C:\Windows\system32\iepeers.dll


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{07cbf788-1359-421b-a4e3-5a8d041b90a3}"= "C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll" [2013-10-15 07:01:04 226592]

[HKEY_CLASSES_ROOT\clsid\{07cbf788-1359-421b-a4e3-5a8d041b90a3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{07cbf788-1359-421b-a4e3-5a8d041b90a3}]
2013-10-15 07:01:04    226592    ----a-w-    C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{07cbf788-1359-421b-a4e3-5a8d041b90a3}"= "C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll" [2013-10-15 07:01:04 226592]

[HKEY_CLASSES_ROOT\clsid\{07cbf788-1359-421b-a4e3-5a8d041b90a3}]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41:42    120104    ----a-w-    C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-05 20:19:56 39408]
"NextLive"="C:\Users\Owner\AppData\Roaming\newnext.me\nengine.dll" [2014-01-06 03:16:17 1283584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"="C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 05:09:34 199464]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 08:44:43 35760]
"ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-29 11:47:34 419112]
"PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-22 02:53:42 181480]
"NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 00:31:08 588648]
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" [2009-08-18 09:42:08 1157128]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 06:20:52 98304]
"Acer Assist Launcher"="C:\Program Files (x86)\Acer\Acer Assist\launcher.exe" [2007-11-19 22:17:40 1261568]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 18:37:40 932288]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 22:36:46 30040]
"{E9AE9B9A-A99F-AA8F-27E8-A8E99BAE8b85}"="C:\Program Files (x86)\U.S. Cellular Broadband Connect\AvqAutoRun.exe" [2009-10-19 21:51:14 73728]
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 08:57:06 406992]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 14:16:26 254336]
"mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" [2014-01-09 08:01:15 766656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Browsersafeguard-rockettab-ptn Data Uninstall"="rd" [X]
"SpUninstallCleanUp"="REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect" [X]

C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MemTurbo.lnk - C:\Program Files (x86)\MemTurbo 4\MemTurbo.exe /starthidden [2011-6-20 3121760]
Severe Weather Alerts App.lnk - C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe [2013-7-9 348384]
Severe Weather Alerts.lnk - C:\Users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe /restart [2013-7-1 84184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

R1 hlnfd;hlnfd;C:\Windows\system32\drivers\hlnfd.sys;C:\Windows\SYSNATIVE\drivers\hlnfd.sys [x]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [x]
R2 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\system32\drivers\BVRPMPR5a64.SYS;C:\Windows\SYSNATIVE\drivers\BVRPMPR5a64.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
R2 MgAssistService;MgAssist Service;C:\Program Files (x86)\Mobogenie\MgAssist.exe;C:\Program Files (x86)\Mobogenie\MgAssist.exe [x]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
R2 spdfrmon;spdfrmon; [x]
R2 Update Browsebeyond;Update Browsebeyond;C:\Program Files (x86)\Browsebeyond\updateBrowsebeyond.exe;C:\Program Files (x86)\Browsebeyond\updateBrowsebeyond.exe [x]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [x]
R2 Util Browsebeyond;Util Browsebeyond;C:\Program Files (x86)\Browsebeyond\bin\utilBrowsebeyond.exe;C:\Program Files (x86)\Browsebeyond\bin\utilBrowsebeyond.exe [x]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter_hs.sys;C:\Windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 mbamchameleon;mbamchameleon;C:\Windows\system32\drivers\mbamchameleon.sys;C:\Windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys;C:\Windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\Windows\system32\DRIVERS\NwUsbCdFil64.sys;C:\Windows\SYSNATIVE\DRIVERS\NwUsbCdFil64.sys [x]
R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;C:\Windows\system32\DRIVERS\nwusbser2.sys;C:\Windows\SYSNATIVE\DRIVERS\nwusbser2.sys [x]
R3 PTUMWBus;PANTECH USB Modem V2 Composite Device Driver;C:\Windows\system32\DRIVERS\PTUMWBus.sys;C:\Windows\SYSNATIVE\DRIVERS\PTUMWBus.sys [x]
R3 PTUMWCDF;PANTECH USB Modem V2 Installation CD;C:\Windows\system32\DRIVERS\PTUMWCDF.sys;C:\Windows\SYSNATIVE\DRIVERS\PTUMWCDF.sys [x]
R3 PTUMWFLT;PTUMWNET Filter Driver;C:\Windows\system32\DRIVERS\PTUMWFLT.sys;C:\Windows\SYSNATIVE\DRIVERS\PTUMWFLT.sys [x]
R3 PTUMWMdm;PANTECH USB Modem V2 Modem Driver;C:\Windows\system32\DRIVERS\PTUMWMdm.sys;C:\Windows\SYSNATIVE\DRIVERS\PTUMWMdm.sys [x]
R3 PTUMWNET;PANTECH USB Modem V2 WWAN Driver;C:\Windows\system32\DRIVERS\PTUMWNET.sys;C:\Windows\SYSNATIVE\DRIVERS\PTUMWNET.sys [x]
R3 PTUMWVsp;PANTECH USB Modem V2 Diagnostic Port;C:\Windows\system32\DRIVERS\PTUMWVsp.sys;C:\Windows\SYSNATIVE\DRIVERS\PTUMWVsp.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys;C:\Windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;C:\Windows\system32\DRIVERS\Rts516xIR.sys;C:\Windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 vyrvqiuz;vyrvqiuz; [x]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys;C:\Windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys;C:\Windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-31 22:51:31    1211672    ----a-w-    C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe

Contents of the 'Scheduled Tasks' folder

2014-04-18 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-02 19:12:42 . 2014-02-05 00:17:28]

2014-04-18 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 17:20:57 . 2010-05-15 17:20:46]

2014-02-05 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 17:20:57 . 2010-05-15 17:20:46]

2014-04-15 C:\Windows\Tasks\PC Optimizer Pro Idle.job
- C:\Program Files\PC Optimizer Pro\StartApps.exe [2013-04-26 06:27:52 . 2013-04-26 06:27:52]

2014-04-15 C:\Windows\Tasks\PC Optimizer Pro Updates.job
- C:\Program Files\PC Optimizer Pro\StartApps.exe [2013-04-26 06:27:52 . 2013-04-26 06:27:52]

2014-02-04 C:\Windows\Tasks\PC Optimizer Pro64 Scan.job
- C:\Program Files\PC Optimizer Pro\StartApps.exe [2013-04-26 06:27:52 . 2013-04-26 06:27:52]

2014-04-18 C:\Windows\Tasks\PC Optimizer Pro64 startups.job
- C:\Program Files\PC Optimizer Pro\StartApps.exe [2013-04-26 06:27:52 . 2013-04-26 06:27:52]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{132DB882-94A1-0ADA-F7C1-50ED580B8D4A}]
2014-01-13 20:33:13    408576    ----a-w-    C:\Program Files (x86)\SNT\hVaukvyP.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{23891829-6CC3-5F2D-45AF-B900AC6F55BC}]
2014-01-13 20:38:39    408576    ----a-w-    C:\Program Files (x86)\SNT\Dt.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3081952F-C41E-22FD-DF42-A102BF3F8AEB}]
2013-01-20 17:23:17    408576    ----a-w-    C:\Program Files (x86)\greAtsaver\MPaeEiVE.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31D1A16F-F333-E235-F310-D299775DEE1E}]
2014-01-20 17:35:20    408576    ----a-w-    C:\Program Files (x86)\SNT\IiN.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E8C1711-505A-B1A0-C720-CAD48F18F80C}]
2013-01-13 19:49:24    408576    ----a-w-    C:\Program Files (x86)\gureaotsaver\QRfoEH.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{434CA757-6948-71B6-7F29-498FCB0BC1ED}]
2013-01-13 19:49:03    408576    ----a-w-    C:\Program Files (x86)\greAtsaver\qm6ddr.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4BF0B43F-A79A-4904-A995-8839FE5E6E8A}]
2014-01-13 20:36:41    408576    ----a-w-    C:\Program Files (x86)\SNT\Ne.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B01E027-A52B-46F8-1D1D-862F92CD0292}]
2014-01-13 20:40:39    408576    ----a-w-    C:\Program Files (x86)\SNT\qg_rM_OYS.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83284F6E-A91F-9171-1023-EF2512ACB0A4}]
2013-01-23 19:33:13    408576    ----a-w-    C:\Program Files (x86)\greaatsiaver\YCCemZTi.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89F55955-E79D-D045-820F-549F6CE93DFA}]
2014-01-13 19:49:59    408576    ----a-w-    C:\Program Files (x86)\SNT\ZNU.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8E7129B5-2E7B-EF1B-8D0D-88392BF2B524}]
2014-01-13 19:47:21    408576    ----a-w-    C:\Program Files (x86)\SNT\FM.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9101CE01-9A1F-2970-066E-C7B55C18791A}]
2014-01-13 20:35:18    408576    ----a-w-    C:\Program Files (x86)\SNT\uycft6j.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A50C77E4-8BBD-ED33-DD87-BF999035C521}]
2013-01-13 20:37:57    408576    ----a-w-    C:\Program Files (x86)\greatSuavEr\xz4SoN1Rf8.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B90351CB-1AD0-EF9F-F630-E576305D763D}]
2014-01-13 20:30:33    408576    ----a-w-    C:\Program Files (x86)\SNT\rX5O.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFEF3859-E505-FCB1-2065-B998AA687C8D}]
2013-01-13 19:47:08    408576    ----a-w-    C:\Program Files (x86)\greatesavver\W1.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C4E292BF-BB82-B155-FB97-774D186938AD}]
2014-01-13 19:29:02    408576    ----a-w-    C:\Program Files (x86)\SNT\j.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C90FA314-3883-0422-4A58-665A872B0E62}]
2013-01-13 20:34:58    408576    ----a-w-    C:\Program Files (x86)\Greattsavero\PEzMF4Z.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D94DEA5E-5089-F581-82BB-E2ED096A7228}]
2014-01-13 19:49:34    408576    ----a-w-    C:\Program Files (x86)\SNT\A.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D97EFE9C-51C5-3A90-4936-1CBC21D304BC}]
2013-01-13 20:40:19    408576    ----a-w-    C:\Program Files (x86)\greatsaavverr\pvAjLBu.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F11E9BB8-72BA-8ED3-42F1-9F3BEBCC1151}]
2013-01-20 17:51:32    408576    ----a-w-    C:\Program Files (x86)\GrtSCouponApp\_pWW.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F1E872E5-EB88-210A-DA05-CB34DBD2B9DB}]
2013-01-13 20:30:07    408576    ----a-w-    C:\Program Files (x86)\greatssaveuR\4uWXVq5I.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F6679FB1-87A4-A5B0-C097-3694E41D3A73}]
2013-01-13 20:32:54    408576    ----a-w-    C:\Program Files (x86)\GrieaaTsaver\ZvBjPDsq5R.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F74D3294-8134-00A7-3764-A73DF094497B}]
2013-01-20 17:45:59    408576    ----a-w-    C:\Program Files (x86)\GrtSCouponApp\mh64dMb2Vm.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F7A7917F-01A7-0803-D2EE-FAE27426925B}]
2014-01-13 19:28:20    408576    ----a-w-    C:\Program Files (x86)\GreAetsauverr\Fyy.x64.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F88FE963-3348-5FF9-702F-0C5B34A31E89}]
2014-01-20 17:25:22    408576    ----a-w-    C:\Program Files (x86)\SNT\wsy.x64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44:06    137512    ----a-w-    C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 13:14:20 7982112]
"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" [2009-10-29 19:10:02 822816]
"mwlDaemon"="C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 13:42:30 349480]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2009-11-13 07:23:04 306472]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 22:18:20 500208]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 02:12:00 2185032]
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 01:43:00 767312]

------- Supplementary Scan -------

uStart Page = hxxp://yahoo.com/
uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.toolksearchbook.info/?pid=1273&r=2014/01/23&hid=12947177451227183461&lg=EN&cc=US&unqvl=46&l=1&q=
FF - prefs.js: browser.search.selectedEngine - Mysearchdial
FF - prefs.js: browser.startup.homepage - hxxp://start.mysearchdial.com/?f=1&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN38088628244344281&UM=2&q=
FF - ExtSQL: !HIDDEN! 2011-12-18 18:52; {EB132DB0-A4CA-11DF-9732-0E29E0D72085}; C:\Program Files (x86)\Object\facetheme
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=&q=
FF - user.js: extensions.mysearchdial.id - C417FE0FF0FFDFEA
FF - user.js: extensions.mysearchdial.instlDay - 16101
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.019:9:30
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - irmsd0103
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 2125938809
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R
FF - user.js: extensions.mysearchdial.AL - 2
FF - user.js: extensions.irmysearch.aflt - irmsd0103
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 2125938809
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R

- - - - ORPHANS REMOVED - - - -

BHO-{11111111-1111-1111-1111-110411901112} - C:\Program Files (x86)\Feven 2.2\Feven 2.2-bho.dll
BHO-{132DB882-94A1-0ADA-F7C1-50ED580B8D4A} - C:\Program Files (x86)\SNT\hVaukvyP.dll
BHO-{23891829-6CC3-5F2D-45AF-B900AC6F55BC} - C:\Program Files (x86)\SNT\Dt.dll
BHO-{3081952F-C41E-22FD-DF42-A102BF3F8AEB} - C:\Program Files (x86)\greatsaver\MPaeEiVE.dll
BHO-{31D1A16F-F333-E235-F310-D299775DEE1E} - C:\Program Files (x86)\SNT\IiN.dll
BHO-{3E8C1711-505A-B1A0-C720-CAD48F18F80C} - C:\Program Files (x86)\gureaotsaver\QRfoEH.dll
BHO-{434CA757-6948-71B6-7F29-498FCB0BC1ED} - C:\Program Files (x86)\greAtsaver\qm6ddr.dll
BHO-{4BF0B43F-A79A-4904-A995-8839FE5E6E8A} - C:\Program Files (x86)\SNT\Ne.dll
BHO-{73C7B4D7-144F-E562-9980-33EC03DA47A1} - C:\Program Files (x86)\gReattsaver\2udPiUC.dll
BHO-{7B01E027-A52B-46F8-1D1D-862F92CD0292} - C:\Program Files (x86)\SNT\qg_rM_OYS.dll
BHO-{83284F6E-A91F-9171-1023-EF2512ACB0A4} - C:\Program Files (x86)\greaatsiaver\YCCemZTi.dll
BHO-{89F55955-E79D-D045-820F-549F6CE93DFA} - C:\Program Files (x86)\SNT\ZNU.dll
BHO-{8E7129B5-2E7B-EF1B-8D0D-88392BF2B524} - C:\Program Files (x86)\SNT\FM.dll
BHO-{9101CE01-9A1F-2970-066E-C7B55C18791A} - C:\Program Files (x86)\SNT\uycft6j.dll
BHO-{99C84C03-6F81-7103-9E42-C7009D97F57A} - C:\Program Files (x86)\GrtSCouponApp\D.dll
BHO-{A50C77E4-8BBD-ED33-DD87-BF999035C521} - C:\Program Files (x86)\greatSuavEr\xz4SoN1Rf8.dll
BHO-{acd6a209-4aaf-4b1c-9930-b82fa131e958} - (no file)
BHO-{B90351CB-1AD0-EF9F-F630-E576305D763D} - C:\Program Files (x86)\SNT\rX5O.dll
BHO-{BFEF3859-E505-FCB1-2065-B998AA687C8D} - C:\Program Files (x86)\greatesavver\W1.dll
BHO-{C4E292BF-BB82-B155-FB97-774D186938AD} - C:\Program Files (x86)\SNT\j.dll
BHO-{C90FA314-3883-0422-4A58-665A872B0E62} - C:\Program Files (x86)\Greattsavero\PEzMF4Z.dll
BHO-{D94DEA5E-5089-F581-82BB-E2ED096A7228} - C:\Program Files (x86)\SNT\A.dll
BHO-{D97EFE9C-51C5-3A90-4936-1CBC21D304BC} - C:\Program Files (x86)\greatsaavverr\pvAjLBu.dll
BHO-{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - (no file)
BHO-{f04a89fa-d7e3-4fbd-9569-502b4cad4347} - (no file)
BHO-{F11E9BB8-72BA-8ED3-42F1-9F3BEBCC1151} - C:\Program Files (x86)\GrtSCouponApp\_pWW.dll
BHO-{F1E872E5-EB88-210A-DA05-CB34DBD2B9DB} - C:\Program Files (x86)\greatssaveuR\4uWXVq5I.dll
BHO-{F6679FB1-87A4-A5B0-C097-3694E41D3A73} - C:\Program Files (x86)\GrieaaTsaver\ZvBjPDsq5R.dll
BHO-{F74D3294-8134-00A7-3764-A73DF094497B} - C:\Program Files (x86)\GrtSCouponApp\mh64dMb2Vm.dll
BHO-{F7A7917F-01A7-0803-D2EE-FAE27426925B} - C:\Program Files (x86)\GreAetsauverr\Fyy.dll
BHO-{F88FE963-3348-5FF9-702F-0C5B34A31E89} - C:\Program Files (x86)\SNT\wsy.dll
Toolbar-Locked - (no file)
Wow6432Node-HKLM-RunOnce-iWinArcadeIECleanup - C:\Users\Owner\AppData\Local\Temp\iWinArcadeAutocleanup.bat
Wow6432Node-HKU-Default-RunOnce-SPReview - C:\Windows\System32\SPReview\SPReview.exe
SafeBoot-mbamchameleon
SafeBoot-MBAMSwissArmy
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110411901188} - C:\Program Files (x86)\Plus-HD-6.0\Plus-HD-6.0-bho64.dll
BHO-{73C7B4D7-144F-E562-9980-33EC03DA47A1} - C:\Program Files (x86)\gReattsaver\2udPiUC.x64.dll
BHO-{99C84C03-6F81-7103-9E42-C7009D97F57A} - C:\Program Files (x86)\GrtSCouponApp\D.x64.dll
Toolbar-Locked - (no file)
WebBrowser-{07CBF788-1359-421B-A4E3-5A8D041B90A3} - (no file)
 



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 23 April 2014 - 04:25 AM

Combofix scripting

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt and save it to the location where Combofix is saved to.


CFScriptB-4.gif


Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 rbrtcarp

rbrtcarp
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 23 April 2014 - 01:38 PM

I have performed the steps as described. When I drag the CFScript to ComboFix and run, the scan begins, and the computer shuts down at various points during the scan (I have attempted several times). Please advise.



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 24 April 2014 - 04:02 AM

Please reboot into safe mode and try again.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 rbrtcarp

rbrtcarp
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 24 April 2014 - 08:05 PM

ComboFix 14-04-20.01 - Owner 04/24/2014  20:36:35.4.1 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2812.2079 [GMT -4:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
Command switches used :: c:\users\Owner\Desktop\CFScript.txt
 * Created a new restore point
.
FILE ::
"c:\windows\Tasks\PC Optimizer Pro Idle.job"
"c:\windows\Tasks\PC Optimizer Pro Updates.job"
"c:\windows\Tasks\PC Optimizer Pro64 Scan.job"
"c:\windows\Tasks\PC Optimizer Pro64 startups.job"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Browsebeyond
c:\program files (x86)\Browsebeyond\bin\Browsebeyond.BrowserFilter.Helper.dll
c:\program files (x86)\Browsebeyond\bin\Browsebeyond.BrowserFilter.Helper.dll.old.140e291f-4274-4e76-9159-fe1d911366e6
c:\program files (x86)\Browsebeyond\bin\BrowsebeyondBrowserFilter.exe
c:\program files (x86)\Browsebeyond\bin\plugins\Browsebeyond.FFUpdate.dll
c:\program files (x86)\Browsebeyond\bin\plugins\Browsebeyond.GCUpdate.dll
c:\program files (x86)\Browsebeyond\bin\plugins\Browsebeyond.IEUpdate.dll
c:\program files (x86)\Browsebeyond\bin\sqlite3.dll
c:\program files (x86)\Browsebeyond\bin\utilBrowsebeyond.InstallState
c:\program files (x86)\Browsebeyond\Browsebeyond.ico
c:\program files (x86)\Browsebeyond\BrowsebeyondUninstall.exe
c:\program files (x86)\Browsebeyond\hpbkjghifbflnidbcfmgpfihnnblieid.crx
c:\program files (x86)\Browsebeyond\sqlite3.exe
c:\program files (x86)\Browsebeyond\updateBrowsebeyond.exe
c:\program files (x86)\Browsebeyond\updateBrowsebeyond.InstallState
c:\program files (x86)\greaatsiaver
c:\program files (x86)\greaatsiaver\YCCemZTi.dat
c:\program files (x86)\greaatsiaver\YCCemZTi.tlb
c:\program files (x86)\greaatsiaver\YCCemZTi.x64.dll
c:\program files (x86)\GreAetsauverr
c:\program files (x86)\GreAetsauverr\Fyy.dat
c:\program files (x86)\GreAetsauverr\Fyy.tlb
c:\program files (x86)\GreAetsauverr\Fyy.x64.dll
c:\program files (x86)\greatesavver
c:\program files (x86)\greatesavver\W1.dat
c:\program files (x86)\greatesavver\W1.tlb
c:\program files (x86)\greatesavver\W1.x64.dll
c:\program files (x86)\greatsaavverr
c:\program files (x86)\greatsaavverr\pvAjLBu.dat
c:\program files (x86)\greatsaavverr\pvAjLBu.tlb
c:\program files (x86)\greatsaavverr\pvAjLBu.x64.dll
c:\program files (x86)\greAtsaver
c:\program files (x86)\greAtsaver\MPaeEiVE.dat
c:\program files (x86)\greAtsaver\MPaeEiVE.tlb
c:\program files (x86)\greAtsaver\MPaeEiVE.x64.dll
c:\program files (x86)\greAtsaver\qm6ddr.dat
c:\program files (x86)\greAtsaver\qm6ddr.tlb
c:\program files (x86)\greAtsaver\qm6ddr.x64.dll
c:\program files (x86)\greatssaveuR
c:\program files (x86)\greatssaveuR\4uWXVq5I.dat
c:\program files (x86)\greatssaveuR\4uWXVq5I.tlb
c:\program files (x86)\greatssaveuR\4uWXVq5I.x64.dll
c:\program files (x86)\greatSuavEr
c:\program files (x86)\greatSuavEr\xz4SoN1Rf8.dat
c:\program files (x86)\greatSuavEr\xz4SoN1Rf8.tlb
c:\program files (x86)\greatSuavEr\xz4SoN1Rf8.x64.dll
c:\program files (x86)\Greattsavero
c:\program files (x86)\Greattsavero\PEzMF4Z.dat
c:\program files (x86)\Greattsavero\PEzMF4Z.tlb
c:\program files (x86)\Greattsavero\PEzMF4Z.x64.dll
c:\program files (x86)\GrieaaTsaver
c:\program files (x86)\GrieaaTsaver\ZvBjPDsq5R.dat
c:\program files (x86)\GrieaaTsaver\ZvBjPDsq5R.tlb
c:\program files (x86)\GrieaaTsaver\ZvBjPDsq5R.x64.dll
c:\program files (x86)\GrtSCouponApp
c:\program files (x86)\GrtSCouponApp\_pWW.dat
c:\program files (x86)\GrtSCouponApp\_pWW.tlb
c:\program files (x86)\GrtSCouponApp\_pWW.x64.dll
c:\program files (x86)\GrtSCouponApp\mh64dMb2Vm.dat
c:\program files (x86)\GrtSCouponApp\mh64dMb2Vm.tlb
c:\program files (x86)\GrtSCouponApp\mh64dMb2Vm.x64.dll
c:\program files (x86)\gureaotsaver
c:\program files (x86)\gureaotsaver\QRfoEH.dat
c:\program files (x86)\gureaotsaver\QRfoEH.tlb
c:\program files (x86)\gureaotsaver\QRfoEH.x64.dll
c:\program files (x86)\InternetHelper3.1
c:\program files (x86)\InternetHelper3.1\GottenAppsContextMenu.xml
c:\program files (x86)\InternetHelper3.1\hk64tbInte.dll
c:\program files (x86)\InternetHelper3.1\hktbInte.dll
c:\program files (x86)\InternetHelper3.1\InternetHelper3.1ToolbarHelper.exe
c:\program files (x86)\InternetHelper3.1\ldrtbInte.dll
c:\program files (x86)\InternetHelper3.1\OtherAppsContextMenu.xml
c:\program files (x86)\InternetHelper3.1\prxtbInte.dll
c:\program files (x86)\InternetHelper3.1\SharedAppsContextMenu.xml
c:\program files (x86)\InternetHelper3.1\tbInte.dll
c:\program files (x86)\InternetHelper3.1\toolbar.cfg
c:\program files (x86)\InternetHelper3.1\ToolbarContextMenu.xml
c:\program files (x86)\SNT
c:\program files (x86)\SNT\A.dat
c:\program files (x86)\SNT\A.tlb
c:\program files (x86)\SNT\A.x64.dll
c:\program files (x86)\SNT\Dt.dat
c:\program files (x86)\SNT\Dt.tlb
c:\program files (x86)\SNT\Dt.x64.dll
c:\program files (x86)\SNT\FM.dat
c:\program files (x86)\SNT\FM.tlb
c:\program files (x86)\SNT\FM.x64.dll
c:\program files (x86)\SNT\hVaukvyP.dat
c:\program files (x86)\SNT\hVaukvyP.tlb
c:\program files (x86)\SNT\hVaukvyP.x64.dll
c:\program files (x86)\SNT\IiN.dat
c:\program files (x86)\SNT\IiN.tlb
c:\program files (x86)\SNT\IiN.x64.dll
c:\program files (x86)\SNT\j.dat
c:\program files (x86)\SNT\j.tlb
c:\program files (x86)\SNT\j.x64.dll
c:\program files (x86)\SNT\Ne.dat
c:\program files (x86)\SNT\Ne.tlb
c:\program files (x86)\SNT\Ne.x64.dll
c:\program files (x86)\SNT\qg_rM_OYS.dat
c:\program files (x86)\SNT\qg_rM_OYS.tlb
c:\program files (x86)\SNT\qg_rM_OYS.x64.dll
c:\program files (x86)\SNT\rX5O.dat
c:\program files (x86)\SNT\rX5O.tlb
c:\program files (x86)\SNT\rX5O.x64.dll
c:\program files (x86)\SNT\uycft6j.dat
c:\program files (x86)\SNT\uycft6j.tlb
c:\program files (x86)\SNT\uycft6j.x64.dll
c:\program files (x86)\SNT\wsy.dat
c:\program files (x86)\SNT\wsy.tlb
c:\program files (x86)\SNT\wsy.x64.dll
c:\program files (x86)\SNT\ZNU.dat
c:\program files (x86)\SNT\ZNU.tlb
c:\program files (x86)\SNT\ZNU.x64.dll
c:\program files\PC Optimizer Pro
c:\program files\PC Optimizer Pro\PCOptimizerPro.exe
c:\program files\PC Optimizer Pro\PCOptimizerPro.exe.manifest
c:\program files\PC Optimizer Pro\PCOptProCtxMenu.dll
c:\program files\PC Optimizer Pro\PCOptProTrays.exe
c:\program files\PC Optimizer Pro\StartApps.exe
c:\program files\PC Optimizer Pro\uninst.exe
c:\program files\PC Optimizer Pro\UpdatesDll.dll
c:\users\Owner\AppData\Roaming\newnext.me
c:\users\Owner\AppData\Roaming\newnext.me\cache\spark.bin
c:\users\Owner\AppData\Roaming\newnext.me\nengine.cookie
c:\users\Owner\AppData\Roaming\newnext.me\nengine.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_spdfrmon
-------\Service_Update Browsebeyond
-------\Service_Updater Service
-------\Service_Util Browsebeyond
-------\Service_vyrvqiuz
.
.
(((((((((((((((((((((((((   Files Created from 2014-03-25 to 2014-04-25  )))))))))))))))))))))))))))))))
.
.
2014-04-22 06:00 . 2014-04-22 07:33    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-04-18 17:33 . 2014-04-18 17:36    --------    d-----w-    C:\FRST
2014-04-18 08:20 . 2014-04-18 08:20    --------    d-----w-    c:\program files (x86)\UTuberAdBlocker
2014-04-18 07:40 . 2014-04-17 09:31    10651704    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{DCF19D8F-2C82-496C-8716-07B596610DC0}\mpengine.dll
2014-04-18 07:05 . 2014-04-18 07:05    --------    d-----w-    c:\program files (x86)\VS Revo Group
2014-04-15 16:17 . 2014-04-22 07:31    119000    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 16:17 . 2014-04-18 18:03    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 16:17 . 2014-04-18 18:03    25816    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-04-15 15:29 . 2014-04-15 15:29    --------    d-----w-    c:\users\Owner\AppData\Roaming\Malwarebytes
2014-04-15 14:34 . 2014-04-15 14:38    119512    ----a-w-    c:\windows\system32\drivers\48230029.sys
2014-04-15 14:29 . 2014-04-15 14:29    --------    d-----w-    c:\programdata\AVAST Software
2014-04-15 14:26 . 2014-04-18 18:03    63704    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-04-15 14:26 . 2014-04-22 07:29    --------    d-----w-    c:\program files (x86)\Malwarebytes Anti-Malware
2014-04-15 14:26 . 2014-04-15 15:29    --------    d-----w-    c:\programdata\Malwarebytes
2014-04-15 14:16 . 2014-04-25 00:50    --------    d-----w-    c:\windows\system32\wbem\repository
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-18 06:53 . 2012-08-30 17:08    49952    ----a-w-    c:\windows\system32\drivers\avgtpx64.sys
2014-03-31 13:35 . 2010-05-15 17:26    270496    ------w-    c:\windows\system32\MpSigStub.exe
2014-02-05 00:17 . 2012-06-02 19:12    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-05 00:17 . 2011-07-17 13:06    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-30 17:10 . 2014-01-30 17:10    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2014-01-30 17:10 . 2014-01-30 17:10    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2014-01-30 17:09 . 2014-01-30 17:09    235008    ----a-w-    c:\windows\system32\elshyph.dll
2014-01-30 17:09 . 2014-01-30 17:09    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2014-01-30 17:09 . 2014-01-30 17:09    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-01-30 17:09 . 2014-01-30 17:09    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2014-01-30 17:09 . 2014-01-30 17:09    34816    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-01-30 17:09 . 2014-01-30 17:09    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2014-01-30 17:09 . 2014-01-30 17:09    337408    ----a-w-    c:\windows\SysWow64\html.iec
2014-01-30 17:09 . 2014-01-30 17:09    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2014-01-30 17:09 . 2014-01-30 17:09    61952    ----a-w-    c:\windows\SysWow64\iesetup.dll
2014-01-30 17:09 . 2014-01-30 17:09    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-01-30 17:09 . 2014-01-30 17:09    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2014-01-30 17:09 . 2014-01-30 17:09    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2014-01-30 17:09 . 2014-01-30 17:09    1051136    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2014-01-30 17:09 . 2014-01-30 17:09    61952    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2014-01-30 17:09 . 2014-01-30 17:09    51200    ----a-w-    c:\windows\SysWow64\ieetwproxystub.dll
2014-01-30 17:09 . 2014-01-30 17:09    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2014-01-30 17:09 . 2014-01-30 17:09    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2014-01-30 17:09 . 2014-01-30 17:09    112128    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2014-01-30 17:09 . 2014-01-30 17:09    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2014-01-30 17:09 . 2014-01-30 17:09    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2014-01-30 17:09 . 2014-01-30 17:09    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2014-01-30 17:09 . 2014-01-30 17:09    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2014-01-30 17:09 . 2014-01-30 17:09    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2014-01-30 17:09 . 2014-01-30 17:09    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2014-01-30 17:09 . 2014-01-30 17:09    247808    ----a-w-    c:\windows\system32\msls31.dll
2014-01-30 17:09 . 2014-01-30 17:09    195584    ----a-w-    c:\windows\system32\msrating.dll
2014-01-30 17:09 . 2014-01-30 17:09    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2014-01-30 17:09 . 2014-01-30 17:09    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2014-01-30 17:09 . 2014-01-30 17:09    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2014-01-30 17:09 . 2014-01-30 17:09    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2014-01-30 17:09 . 2014-01-30 17:09    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2014-01-30 17:09 . 2014-01-30 17:09    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2014-01-30 17:09 . 2014-01-30 17:09    77312    ----a-w-    c:\windows\system32\tdc.ocx
2014-01-30 17:09 . 2014-01-30 17:09    81408    ----a-w-    c:\windows\system32\icardie.dll
2014-01-30 17:09 . 2014-01-30 17:09    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2014-01-30 17:09 . 2014-01-30 17:09    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2014-01-30 17:09 . 2014-01-30 17:09    413696    ----a-w-    c:\windows\system32\html.iec
2014-01-30 17:09 . 2014-01-30 17:09    40448    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2014-01-30 17:09 . 2014-01-30 17:09    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2014-01-30 17:09 . 2014-01-30 17:09    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2014-01-30 17:09 . 2014-01-30 17:09    626176    ----a-w-    c:\windows\system32\msfeeds.dll
2014-01-30 17:09 . 2014-01-30 17:09    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2014-01-30 17:09 . 2014-01-30 17:09    263376    ----a-w-    c:\windows\system32\iedkcs32.dll
2014-01-30 17:09 . 2014-01-30 17:09    243200    ----a-w-    c:\windows\system32\webcheck.dll
2014-01-30 17:09 . 2014-01-30 17:09    235520    ----a-w-    c:\windows\system32\url.dll
2014-01-30 17:09 . 2014-01-30 17:09    167424    ----a-w-    c:\windows\system32\iexpress.exe
2014-01-30 17:09 . 2014-01-30 17:09    143872    ----a-w-    c:\windows\system32\wextract.exe
2014-01-30 17:09 . 2014-01-30 17:09    1228800    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2014-01-30 17:09 . 2014-01-30 17:09    101376    ----a-w-    c:\windows\system32\inseng.dll
2014-01-30 17:09 . 2014-01-30 17:09    548352    ----a-w-    c:\windows\system32\vbscript.dll
2014-01-30 17:09 . 2014-01-30 17:09    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2014-01-30 17:09 . 2014-01-30 17:09    147968    ----a-w-    c:\windows\system32\occache.dll
2014-01-30 17:09 . 2014-01-30 17:09    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2014-01-30 17:09 . 2014-01-30 17:09    774144    ----a-w-    c:\windows\system32\jscript.dll
2014-01-30 17:09 . 2014-01-30 17:09    48128    ----a-w-    c:\windows\system32\imgutil.dll
2014-01-30 17:09 . 2014-01-30 17:09    13824    ----a-w-    c:\windows\system32\mshta.exe
2014-01-30 17:09 . 2014-01-30 17:09    135680    ----a-w-    c:\windows\system32\iepeers.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110411901112}]
c:\program files (x86)\Feven 2.2\Feven 2.2-bho.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{132DB882-94A1-0ADA-F7C1-50ED580B8D4A}]
c:\program files (x86)\SNT\hVaukvyP.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{23891829-6CC3-5F2D-45AF-B900AC6F55BC}]
c:\program files (x86)\SNT\Dt.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3081952F-C41E-22FD-DF42-A102BF3F8AEB}]
c:\program files (x86)\greatsaver\MPaeEiVE.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31D1A16F-F333-E235-F310-D299775DEE1E}]
c:\program files (x86)\SNT\IiN.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3E8C1711-505A-B1A0-C720-CAD48F18F80C}]
c:\program files (x86)\gureaotsaver\QRfoEH.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{434CA757-6948-71B6-7F29-498FCB0BC1ED}]
c:\program files (x86)\greAtsaver\qm6ddr.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4BF0B43F-A79A-4904-A995-8839FE5E6E8A}]
c:\program files (x86)\SNT\Ne.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{73C7B4D7-144F-E562-9980-33EC03DA47A1}]
c:\program files (x86)\gReattsaver\2udPiUC.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{7B01E027-A52B-46F8-1D1D-862F92CD0292}]
c:\program files (x86)\SNT\qg_rM_OYS.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{83284F6E-A91F-9171-1023-EF2512ACB0A4}]
c:\program files (x86)\greaatsiaver\YCCemZTi.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{89F55955-E79D-D045-820F-549F6CE93DFA}]
c:\program files (x86)\SNT\ZNU.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8E7129B5-2E7B-EF1B-8D0D-88392BF2B524}]
c:\program files (x86)\SNT\FM.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9101CE01-9A1F-2970-066E-C7B55C18791A}]
c:\program files (x86)\SNT\uycft6j.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{99C84C03-6F81-7103-9E42-C7009D97F57A}]
c:\program files (x86)\GrtSCouponApp\D.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A50C77E4-8BBD-ED33-DD87-BF999035C521}]
c:\program files (x86)\greatSuavEr\xz4SoN1Rf8.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B90351CB-1AD0-EF9F-F630-E576305D763D}]
c:\program files (x86)\SNT\rX5O.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{BFEF3859-E505-FCB1-2065-B998AA687C8D}]
c:\program files (x86)\greatesavver\W1.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C4E292BF-BB82-B155-FB97-774D186938AD}]
c:\program files (x86)\SNT\j.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C90FA314-3883-0422-4A58-665A872B0E62}]
c:\program files (x86)\Greattsavero\PEzMF4Z.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D94DEA5E-5089-F581-82BB-E2ED096A7228}]
c:\program files (x86)\SNT\A.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D97EFE9C-51C5-3A90-4936-1CBC21D304BC}]
c:\program files (x86)\greatsaavverr\pvAjLBu.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F11E9BB8-72BA-8ED3-42F1-9F3BEBCC1151}]
c:\program files (x86)\GrtSCouponApp\_pWW.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F1E872E5-EB88-210A-DA05-CB34DBD2B9DB}]
c:\program files (x86)\greatssaveuR\4uWXVq5I.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F6679FB1-87A4-A5B0-C097-3694E41D3A73}]
c:\program files (x86)\GrieaaTsaver\ZvBjPDsq5R.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F74D3294-8134-00A7-3764-A73DF094497B}]
c:\program files (x86)\GrtSCouponApp\mh64dMb2Vm.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F7A7917F-01A7-0803-D2EE-FAE27426925B}]
c:\program files (x86)\GreAetsauverr\Fyy.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F88FE963-3348-5FF9-702F-0C5B34A31E89}]
c:\program files (x86)\SNT\wsy.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41    120104    ----a-w-    c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-05 39408]
"BackgroundContainer"="c:\users\Owner\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll" [2013-10-15 319264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-29 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-22 181480]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-18 1157128]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"Acer Assist Launcher"="c:\program files (x86)\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"{E9AE9B9A-A99F-AA8F-27E8-A8E99BAE8b85}"="c:\program files (x86)\U.S. Cellular Broadband Connect\AvqAutoRun.exe" [2009-10-19 73728]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"mobilegeni daemon"="c:\program files (x86)\Mobogenie\DaemonProcess.exe" [2014-01-09 766656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [BU]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MemTurbo.lnk - c:\program files (x86)\MemTurbo 4\MemTurbo.exe /starthidden [2011-6-20 3121760]
Severe Weather Alerts App.lnk - c:\users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe [2013-7-9 348384]
Severe Weather Alerts.lnk - c:\users\Owner\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe /restart [2013-7-1 84184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 hlnfd;hlnfd;c:\windows\system32\drivers\hlnfd.sys;c:\windows\SYSNATIVE\drivers\hlnfd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 NWUSBCDFIL64;Novatel Wireless Installation CD;c:\windows\system32\DRIVERS\NwUsbCdFil64.sys;c:\windows\SYSNATIVE\DRIVERS\NwUsbCdFil64.sys [x]
R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwusbser2.sys;c:\windows\SYSNATIVE\DRIVERS\nwusbser2.sys [x]
R3 PTUMWBus;PANTECH USB Modem V2 Composite Device Driver;c:\windows\system32\DRIVERS\PTUMWBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWBus.sys [x]
R3 PTUMWCDF;PANTECH USB Modem V2 Installation CD;c:\windows\system32\DRIVERS\PTUMWCDF.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWCDF.sys [x]
R3 PTUMWFLT;PTUMWNET Filter Driver;c:\windows\system32\DRIVERS\PTUMWFLT.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWFLT.sys [x]
R3 PTUMWMdm;PANTECH USB Modem V2 Modem Driver;c:\windows\system32\DRIVERS\PTUMWMdm.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWMdm.sys [x]
R3 PTUMWNET;PANTECH USB Modem V2 WWAN Driver;c:\windows\system32\DRIVERS\PTUMWNET.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWNET.sys [x]
R3 PTUMWVsp;PANTECH USB Modem V2 Diagnostic Port;c:\windows\system32\DRIVERS\PTUMWVsp.sys;c:\windows\SYSNATIVE\DRIVERS\PTUMWVsp.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;c:\progra~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS;c:\progra~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [x]
S2 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS;c:\windows\SYSNATIVE\drivers\BVRPMPR5a64.SYS [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 MgAssistService;MgAssist Service;c:\program files (x86)\Mobogenie\MgAssist.exe;c:\program files (x86)\Mobogenie\MgAssist.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-31 22:51    1211672    ----a-w-    c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-02 00:17]
.
2014-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 17:20]
.
2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 17:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110411901188}]
c:\program files (x86)\Plus-HD-6.0\Plus-HD-6.0-bho64.dll [BU]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{73C7B4D7-144F-E562-9980-33EC03DA47A1}]
c:\program files (x86)\gReattsaver\2udPiUC.x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99C84C03-6F81-7103-9E42-C7009D97F57A}]
c:\program files (x86)\GrtSCouponApp\D.x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44    137512    ----a-w-    c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-10-29 822816]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-11-13 306472]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 500208]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mgdg699u.default\
FF - ExtSQL: !HIDDEN! 2011-12-18 18:52; {EB132DB0-A4CA-11DF-9732-0E29E0D72085}; c:\program files (x86)\Object\facetheme
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2125938809&ir=&q=
FF - user.js: extensions.mysearchdial.id - C417FE0FF0FFDFEA
FF - user.js: extensions.mysearchdial.instlDay - 16101
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.019:9:30
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - irmsd0103
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 2125938809
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R
FF - user.js: extensions.mysearchdial.AL - 2
FF - user.js: extensions.irmysearch.aflt - irmsd0103
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 2125938809
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtD0F0FtD0F0F0D0F0E0AtN0D0Tzu0CyByCtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{07cbf788-1359-421b-a4e3-5a8d041b90a3} - c:\program files (x86)\InternetHelper3.1\prxtbInte.dll
BHO-{07cbf788-1359-421b-a4e3-5a8d041b90a3} - c:\program files (x86)\InternetHelper3.1\prxtbInte.dll
BHO-{acd6a209-4aaf-4b1c-9930-b82fa131e958} - (no file)
BHO-{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - (no file)
BHO-{f04a89fa-d7e3-4fbd-9569-502b4cad4347} - (no file)
Toolbar-Locked - (no file)
Toolbar-{07cbf788-1359-421b-a4e3-5a8d041b90a3} - c:\program files (x86)\InternetHelper3.1\prxtbInte.dll
Wow6432Node-HKCU-Run-NextLive - c:\users\Owner\AppData\Roaming\newnext.me\nengine.dll
BHO-{132DB882-94A1-0ADA-F7C1-50ED580B8D4A} - c:\program files (x86)\SNT\hVaukvyP.x64.dll
BHO-{23891829-6CC3-5F2D-45AF-B900AC6F55BC} - c:\program files (x86)\SNT\Dt.x64.dll
BHO-{3081952F-C41E-22FD-DF42-A102BF3F8AEB} - c:\program files (x86)\greatsaver\MPaeEiVE.x64.dll
BHO-{31D1A16F-F333-E235-F310-D299775DEE1E} - c:\program files (x86)\SNT\IiN.x64.dll
BHO-{3E8C1711-505A-B1A0-C720-CAD48F18F80C} - c:\program files (x86)\gureaotsaver\QRfoEH.x64.dll
BHO-{434CA757-6948-71B6-7F29-498FCB0BC1ED} - c:\program files (x86)\greAtsaver\qm6ddr.x64.dll
BHO-{4BF0B43F-A79A-4904-A995-8839FE5E6E8A} - c:\program files (x86)\SNT\Ne.x64.dll
BHO-{7B01E027-A52B-46F8-1D1D-862F92CD0292} - c:\program files (x86)\SNT\qg_rM_OYS.x64.dll
BHO-{83284F6E-A91F-9171-1023-EF2512ACB0A4} - c:\program files (x86)\greaatsiaver\YCCemZTi.x64.dll
BHO-{89F55955-E79D-D045-820F-549F6CE93DFA} - c:\program files (x86)\SNT\ZNU.x64.dll
BHO-{8E7129B5-2E7B-EF1B-8D0D-88392BF2B524} - c:\program files (x86)\SNT\FM.x64.dll
BHO-{9101CE01-9A1F-2970-066E-C7B55C18791A} - c:\program files (x86)\SNT\uycft6j.x64.dll
BHO-{A50C77E4-8BBD-ED33-DD87-BF999035C521} - c:\program files (x86)\greatSuavEr\xz4SoN1Rf8.x64.dll
BHO-{B90351CB-1AD0-EF9F-F630-E576305D763D} - c:\program files (x86)\SNT\rX5O.x64.dll
BHO-{BFEF3859-E505-FCB1-2065-B998AA687C8D} - c:\program files (x86)\greatesavver\W1.x64.dll
BHO-{C4E292BF-BB82-B155-FB97-774D186938AD} - c:\program files (x86)\SNT\j.x64.dll
BHO-{C90FA314-3883-0422-4A58-665A872B0E62} - c:\program files (x86)\Greattsavero\PEzMF4Z.x64.dll
BHO-{D94DEA5E-5089-F581-82BB-E2ED096A7228} - c:\program files (x86)\SNT\A.x64.dll
BHO-{D97EFE9C-51C5-3A90-4936-1CBC21D304BC} - c:\program files (x86)\greatsaavverr\pvAjLBu.x64.dll
BHO-{F11E9BB8-72BA-8ED3-42F1-9F3BEBCC1151} - c:\program files (x86)\GrtSCouponApp\_pWW.x64.dll
BHO-{F1E872E5-EB88-210A-DA05-CB34DBD2B9DB} - c:\program files (x86)\greatssaveuR\4uWXVq5I.x64.dll
BHO-{F6679FB1-87A4-A5B0-C097-3694E41D3A73} - c:\program files (x86)\GrieaaTsaver\ZvBjPDsq5R.x64.dll
BHO-{F74D3294-8134-00A7-3764-A73DF094497B} - c:\program files (x86)\GrtSCouponApp\mh64dMb2Vm.x64.dll
BHO-{F7A7917F-01A7-0803-D2EE-FAE27426925B} - c:\program files (x86)\GreAetsauverr\Fyy.x64.dll
BHO-{F88FE963-3348-5FF9-702F-0C5B34A31E89} - c:\program files (x86)\SNT\wsy.x64.dll
Toolbar-Locked - (no file)
WebBrowser-{07CBF788-1359-421B-A4E3-5A8D041B90A3} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1106932076-2053740450-3964239941-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1106932076-2053740450-3964239941-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-1106932076-2053740450-3964239941-1000)
@Denied: (2) (LocalSystem)
"Progid"="vcf_auto_file"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\Rundll32.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
.
**************************************************************************
.
Completion time: 2014-04-24  20:59:33 - machine was rebooted
ComboFix-quarantined-files.txt  2014-04-25 00:59
.
Pre-Run: 72,919,969,792 bytes free
Post-Run: 72,668,237,824 bytes free
.
- - End Of File - - 33016EF57A188FDFF26C24490F607AB8
A36C5E4F47E84449FF07ED3517B43A31
 



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 25 April 2014 - 04:49 AM

Scan with FRST (Recovery Environment)


To run FRST on Vista and Windows7:



Plug the flashdrive into the infected PC.

Enter System Recovery Options.


To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.



To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Command Prompt


  • In the command window:
  • type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 rbrtcarp

rbrtcarp
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 25 April 2014 - 01:56 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-04-2014 01
Ran by SYSTEM on MININT-N5RBSL6 on 25-04-2014 14:43:51
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [822816 2009-10-29] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [306472 2009-11-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2185032 2009-10-18] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-03] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2011-01-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-21] (Acer Corp.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Acer Assist Launcher] => C:\Program Files (x86)\Acer\Acer Assist\launcher.exe [1261568 2007-11-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [{E9AE9B9A-A99F-AA8F-27E8-A8E99BAE8b85}] => C:\Program Files (x86)\U.S. Cellular Broadband Connect\mphonetools.exe [368640 2010-11-18] (Avanquest Software)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [766656 2014-01-09] ()
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()
HKU\Default\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()
HKU\Default User\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\Owner\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-05] (Google Inc.)
HKU\Owner\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\Owner\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemTurbo.lnk
ShortcutTarget: MemTurbo.lnk -> C:\Program Files (x86)\MemTurbo 4\MemTurbo.exe (SammSoft (www.sammsoft.com))
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk
ShortcutTarget: Severe Weather Alerts App.lnk ->  (No File)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk
ShortcutTarget: Severe Weather Alerts.lnk ->  (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Services (Whitelisted) =================

S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [63168 2014-01-27] ()
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

S5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2011-07-07] (HandSet Incorporated)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-04-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119000 2014-04-21] (Malwarebytes Corporation)
S3 NWUSBModem; C:\Windows\System32\DRIVERS\nwusbmdm.sys [213376 2009-12-18] (Novatel Wireless Inc.)
S3 NWUSBPort; C:\Windows\System32\DRIVERS\nwusbser.sys [213376 2009-12-18] (Novatel Wireless Inc.)
S3 NWUSBPort2; C:\Windows\System32\DRIVERS\nwusbser2.sys [213376 2009-12-18] (Novatel Wireless Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 SMSIVZAM5X64; C:\Program Files (x86)\Verizon Wireless\VZAccess Manager\SMSIVZAM5X64.sys [43032 2009-05-25] (Smith Micro Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 hlnfd; system32\drivers\hlnfd.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\usbccid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-25 03:37 - 2014-04-25 03:28 - 02061312 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-04-25 03:28 - 2014-04-25 03:28 - 02061312 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-04-24 17:00 - 2014-04-24 17:00 - 00043730 _____ () C:\Users\Owner\Desktop\combofix1.txt
2014-04-24 16:59 - 2014-04-24 16:59 - 00043730 _____ () C:\ComboFix.txt
2014-04-23 11:44 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-23 11:38 - 2014-04-22 12:14 - 05196870 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2014-04-22 12:50 - 2014-04-22 12:50 - 00191347 _____ () C:\Users\Owner\Desktop\ComboFix.txt
2014-04-22 12:15 - 2014-04-24 16:59 - 00000000 ____D () C:\Qoobox
2014-04-22 12:15 - 2014-04-24 16:48 - 00000000 ____D () C:\Windows\erdnt
2014-04-22 12:15 - 2013-10-11 17:33 - 00156160 ____R (Microsoft Corporation) C:\Users\Owner\Desktop\CSCRIPT.3XE
2014-04-22 12:15 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-22 12:15 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-22 12:15 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-22 12:15 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-22 12:15 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-22 12:15 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-22 12:15 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-22 12:13 - 2014-04-22 12:14 - 05196870 ____R (Swearware) C:\Users\Owner\Downloads\ComboFix.exe
2014-04-21 23:27 - 2014-04-21 23:28 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-consumer-2.0.2.1007.exe
2014-04-21 22:00 - 2014-04-21 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-21 21:59 - 2014-04-21 21:59 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-04-21 21:57 - 2014-04-21 21:58 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1009.exe
2014-04-21 21:29 - 2014-04-21 21:29 - 00028401 _____ () C:\Users\Owner\Desktop\dds.txt
2014-04-21 21:29 - 2014-04-21 21:29 - 00026150 _____ () C:\Users\Owner\Desktop\attach.txt
2014-04-21 21:25 - 2014-04-21 21:26 - 00688992 _____ (Swearware) C:\Users\Owner\Downloads\dds(1).com
2014-04-21 21:25 - 2014-04-21 21:25 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-04-18 09:33 - 2014-04-25 14:43 - 00000000 ____D () C:\FRST
2014-04-18 01:57 - 2014-04-18 01:57 - 00000000 ____D () C:\Users\Owner\Documents\tdsskiller
2014-04-18 00:58 - 2014-04-18 00:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-18 00:20 - 2014-04-18 00:20 - 00000000 ____D () C:\Program Files (x86)\UTuberAdBlocker
2014-04-17 23:05 - 2014-04-17 23:05 - 00001272 _____ () C:\Users\Owner\Desktop\Revo Uninstaller.lnk
2014-04-17 23:05 - 2014-04-17 23:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-17 15:18 - 2014-04-17 15:18 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-04-15 08:17 - 2014-04-21 23:31 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-04-15 08:17 - 2014-04-21 23:29 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-15 08:17 - 2014-04-18 10:03 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-04-15 08:17 - 2014-04-18 10:03 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-04-15 08:05 - 2014-04-15 21:00 - 00002590 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-04-15 08:05 - 2014-04-15 08:05 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Owner\Downloads\rkill.com
2014-04-15 08:05 - 2014-04-15 08:05 - 01524035 _____ () C:\Users\Owner\Downloads\rkill.exe.t2ob8qk.partial
2014-04-15 07:29 - 2014-04-15 07:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-04-15 07:27 - 2014-04-15 07:27 - 00000000 ____D () C:\Users\Owner\Downloads\mbam-chameleon-1.62.1.1000
2014-04-15 07:26 - 2014-04-15 07:46 - 01440846 _____ () C:\Users\Owner\Downloads\mbam-chameleon-1.62.1.1000.zip
2014-04-15 06:34 - 2014-04-15 06:38 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\48230029.sys
2014-04-15 06:29 - 2014-04-15 06:29 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 06:26 - 2014-04-21 23:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-15 06:26 - 2014-04-18 10:03 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2014-04-15 06:26 - 2014-04-15 07:29 - 00000000 ____D () C:\ProgramData\Malwarebytes

==================== One Month Modified Files and Folders =======

2014-04-25 14:43 - 2014-04-18 09:33 - 00000000 ____D () C:\FRST
2014-04-25 10:12 - 2009-07-13 20:51 - 00065694 _____ () C:\Windows\setupact.log
2014-04-25 03:28 - 2014-04-25 03:37 - 02061312 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-04-25 03:28 - 2014-04-25 03:28 - 02061312 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-04-25 03:18 - 2013-03-18 12:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-25 03:16 - 2012-06-02 11:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-25 03:16 - 2010-05-15 09:21 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-24 18:37 - 2010-02-04 00:24 - 01146841 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 18:17 - 2012-06-02 11:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-24 18:17 - 2012-06-02 11:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-24 18:17 - 2011-07-17 05:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-24 17:14 - 2009-11-05 12:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-24 17:04 - 2013-03-18 12:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-24 17:00 - 2014-04-24 17:00 - 00043730 _____ () C:\Users\Owner\Desktop\combofix1.txt
2014-04-24 17:00 - 2009-07-13 20:45 - 00009920 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-24 17:00 - 2009-07-13 20:45 - 00009920 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-24 16:59 - 2014-04-24 16:59 - 00043730 _____ () C:\ComboFix.txt
2014-04-24 16:59 - 2014-04-22 12:15 - 00000000 ____D () C:\Qoobox
2014-04-24 16:59 - 2009-07-13 19:20 - 00000000 __RHD () C:\users\Default
2014-04-24 16:51 - 2009-07-13 18:34 - 00000244 _____ () C:\Windows\system.ini
2014-04-24 16:50 - 2010-05-15 09:20 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 16:50 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 16:49 - 2009-11-05 12:37 - 00841532 _____ () C:\Windows\PFRO.log
2014-04-24 16:48 - 2014-04-22 12:15 - 00000000 ____D () C:\Windows\erdnt
2014-04-24 16:48 - 2009-07-13 18:34 - 80478208 _____ () C:\Windows\System32\config\SOFTWARE.bak
2014-04-24 16:48 - 2009-07-13 18:34 - 18874368 _____ () C:\Windows\System32\config\SYSTEM.bak
2014-04-24 16:48 - 2009-07-13 18:34 - 00524288 _____ () C:\Windows\System32\config\DEFAULT.bak
2014-04-24 16:48 - 2009-07-13 18:34 - 00262144 _____ () C:\Windows\System32\config\SECURITY.bak
2014-04-24 16:48 - 2009-07-13 18:34 - 00262144 _____ () C:\Windows\System32\config\SAM.bak
2014-04-22 12:50 - 2014-04-22 12:50 - 00191347 _____ () C:\Users\Owner\Desktop\ComboFix.txt
2014-04-22 12:14 - 2014-04-23 11:38 - 05196870 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2014-04-22 12:14 - 2014-04-22 12:13 - 05196870 ____R (Swearware) C:\Users\Owner\Downloads\ComboFix.exe
2014-04-21 23:33 - 2014-04-21 22:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-21 23:31 - 2014-04-15 08:17 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-04-21 23:29 - 2014-04-15 08:17 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-21 23:29 - 2014-04-15 06:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-21 23:28 - 2014-04-21 23:27 - 17290592 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-consumer-2.0.2.1007.exe
2014-04-21 21:59 - 2014-04-21 21:59 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-04-21 21:58 - 2014-04-21 21:57 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Owner\Downloads\mbar-1.07.0.1009.exe
2014-04-21 21:29 - 2014-04-21 21:29 - 00028401 _____ () C:\Users\Owner\Desktop\dds.txt
2014-04-21 21:29 - 2014-04-21 21:29 - 00026150 _____ () C:\Users\Owner\Desktop\attach.txt
2014-04-21 21:26 - 2014-04-21 21:25 - 00688992 _____ (Swearware) C:\Users\Owner\Downloads\dds(1).com
2014-04-21 21:25 - 2014-04-21 21:25 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-04-18 10:03 - 2014-04-15 08:17 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-04-18 10:03 - 2014-04-15 08:17 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-04-18 10:03 - 2014-04-15 06:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2014-04-18 01:57 - 2014-04-18 01:57 - 00000000 ____D () C:\Users\Owner\Documents\tdsskiller
2014-04-18 01:20 - 2012-05-23 02:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-18 00:58 - 2014-04-18 00:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-18 00:49 - 2014-01-13 11:28 - 00000000 ____D () C:\ProgramData\9a0cda1abdd8e0b7
2014-04-18 00:27 - 2014-01-22 06:30 - 00000000 ____D () C:\Users\Owner\AppData\Local\newplayer
2014-04-18 00:24 - 2010-05-15 16:42 - 00000000 ____D () C:\ProgramData\iWin Games
2014-04-18 00:20 - 2014-04-18 00:20 - 00000000 ____D () C:\Program Files (x86)\UTuberAdBlocker
2014-04-18 00:11 - 2014-01-31 14:50 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\iSafe
2014-04-17 23:57 - 2014-01-13 11:30 - 00000000 ____D () C:\Users\Owner\AppData\Local\WeatherBug
2014-04-17 23:56 - 2011-02-08 12:06 - 00000000 ____D () C:\ProgramData\BVRP Software
2014-04-17 23:54 - 2011-02-08 13:42 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-04-17 23:38 - 2014-01-13 11:28 - 00000000 ____D () C:\ProgramData\House Of Soft
2014-04-17 23:32 - 2014-01-23 11:42 - 00000000 ____D () C:\Program Files (x86)\greatsavier
2014-04-17 23:31 - 2014-01-31 16:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\mysearchdial
2014-04-17 23:30 - 2011-08-16 14:30 - 00000000 ____D () C:\ProgramData\PCPowerSpeed
2014-04-17 23:22 - 2014-01-31 14:51 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-04-17 23:13 - 2011-06-20 16:12 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-17 23:05 - 2014-04-17 23:05 - 00001272 _____ () C:\Users\Owner\Desktop\Revo Uninstaller.lnk
2014-04-17 23:05 - 2014-04-17 23:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-17 22:59 - 2014-01-22 06:26 - 00000000 ____D () C:\Users\Owner\AppData\Local\SevereWeatherAlerts
2014-04-17 22:53 - 2012-08-30 09:08 - 00049952 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2014-04-17 22:11 - 2011-06-20 11:45 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Sammsoft
2014-04-17 15:18 - 2014-04-17 15:18 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-04-15 21:00 - 2014-04-15 08:05 - 00002590 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-04-15 19:41 - 2014-01-31 14:58 - 00000000 ____D () C:\Program Files (x86)\SpeedItup Free
2014-04-15 19:38 - 2011-05-23 05:41 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-15 08:05 - 2014-04-15 08:05 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Owner\Downloads\rkill.com
2014-04-15 08:05 - 2014-04-15 08:05 - 01524035 _____ () C:\Users\Owner\Downloads\rkill.exe.t2ob8qk.partial
2014-04-15 07:48 - 2009-07-13 21:13 - 00726444 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-15 07:46 - 2014-04-15 07:26 - 01440846 _____ () C:\Users\Owner\Downloads\mbam-chameleon-1.62.1.1000.zip
2014-04-15 07:29 - 2014-04-15 07:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-04-15 07:29 - 2014-04-15 06:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 07:27 - 2014-04-15 07:27 - 00000000 ____D () C:\Users\Owner\Downloads\mbam-chameleon-1.62.1.1000
2014-04-15 06:38 - 2014-04-15 06:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\48230029.sys
2014-04-15 06:29 - 2014-04-15 06:29 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-15 05:14 - 2010-05-15 08:20 - 00000000 ____D () C:\users\Owner
2014-04-15 04:12 - 2014-01-31 14:58 - 00000000 ____D () C:\Windows\SpeedItup Free
2014-04-15 04:12 - 2014-01-22 06:31 - 00000000 ____D () C:\Users\Owner\AppData\Local\Mobogenie
2014-04-15 04:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-04-15 04:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-15 04:11 - 2014-01-22 06:27 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-04-15 04:11 - 2011-08-16 14:30 - 00000000 ____D () C:\Program Files (x86)\Inbox.com
2014-04-15 04:11 - 2011-08-02 14:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-15 04:11 - 2009-07-13 23:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-31 05:35 - 2010-05-15 09:26 - 00270496 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-02-12 04:19:01
Restore point made on: 2014-02-12 06:06:43
Restore point made on: 2014-02-15 18:37:49
Restore point made on: 2014-02-16 13:06:49
Restore point made on: 2014-02-21 08:03:55
Restore point made on: 2014-03-15 09:09:05
Restore point made on: 2014-04-24 17:00:31

==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 2812.05 MB
Available physical RAM: 2155.71 MB
Total Pagefile: 2810.2 MB
Available Pagefile: 2149.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:136.95 GB) (Free:68.85 GB) NTFS
Drive e: (PQSERVICE) (Fixed) (Total:12 GB) (Free:1.5 GB) NTFS
Drive g: (USB20FD) (Removable) (Total:60.94 GB) (Free:60.94 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: A71991E5)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=137 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 61 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=61 GB) - (Type=0C)


LastRegBack: 2014-01-22 08:48

==================== End Of Log ============================



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 28 April 2014 - 07:24 AM

Fix with FRST (Recovery Environment)


  • Open notepad (Start =>All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [766656 2014-01-09] ()
    HKU\Owner\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    
     C:\Program Files (x86)\Mobogenie
     C:\Users\Owner\AppData\Local\Conduit
     2014-04-18 00:20 - 2014-04-18 00:20 - 00000000 ____D () C:\Program Files (x86)\UTuberAdBlocker
     2014-04-17 23:32 - 2014-01-23 11:42 - 00000000 ____D () C:\Program Files (x86)\greatsavier
    2014-04-17 23:31 - 2014-01-31 16:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\mysearchdial
    2014-04-17 23:30 - 2011-08-16 14:30 - 00000000 ____D () C:\ProgramData\PCPowerSpeed
    2014-04-17 23:22 - 2014-01-31 14:51 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
    2014-04-15 04:12 - 2014-01-31 14:58 - 00000000 ____D () C:\Windows\SpeedItup Free
    2014-04-15 04:12 - 2014-01-22 06:31 - 00000000 ____D () C:\Users\Owner\AppData\Local\Mobogenie
    2014-04-15 04:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
    2014-04-15 04:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\L2Schemas
    2014-04-15 04:11 - 2014-01-22 06:27 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
    2014-04-15 04:11 - 2011-08-16 14:30 - 00000000 ____D () C:\Program Files (x86)\Inbox.com
    2014-04-15 04:11 - 2011-08-02 14:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
    2014-04-15 04:11 - 2009-07-13 23:44 - 00000000 ___RD () C:\Users\Public\Recorded TV

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Now please enter System Recovery Options again.

  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

 

 

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.3.1.2183.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 rbrtcarp

rbrtcarp
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 29 April 2014 - 06:28 AM

The following Fixlog was as far as I got.  After this, the laptop would not allow me to access the internet, therefor I could not download and run Malwarebytes.  It was previously installed, but would not run.  Also tried to run the mbam.exe from flashdrive, but no success. Remote access manager was disabled. Set to manual and start, but no luck there either. Please advise, and thank you.

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-04-2014 01
Ran by Owner at 2014-04-28 16:12:49 Run:1
Running from E:\
Boot Mode: Safe Mode (minimal)
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [766656 2014-01-09] ()
HKU\Owner\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Owner\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 C:\Program Files (x86)\Mobogenie
 C:\Users\Owner\AppData\Local\Conduit
 2014-04-18 00:20 - 2014-04-18 00:20 - 00000000 ____D () C:\Program Files (x86)\UTuberAdBlocker
 2014-04-17 23:32 - 2014-01-23 11:42 - 00000000 ____D () C:\Program Files (x86)\greatsavier
2014-04-17 23:31 - 2014-01-31 16:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\mysearchdial
2014-04-17 23:30 - 2011-08-16 14:30 - 00000000 ____D () C:\ProgramData\PCPowerSpeed
2014-04-17 23:22 - 2014-01-31 14:51 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-04-15 04:12 - 2014-01-31 14:58 - 00000000 ____D () C:\Windows\SpeedItup Free
2014-04-15 04:12 - 2014-01-22 06:31 - 00000000 ____D () C:\Users\Owner\AppData\Local\Mobogenie
2014-04-15 04:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-04-15 04:12 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-15 04:11 - 2014-01-22 06:27 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-04-15 04:11 - 2011-08-16 14:30 - 00000000 ____D () C:\Program Files (x86)\Inbox.com
2014-04-15 04:11 - 2011-08-02 14:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-15 04:11 - 2009-07-13 23:44 - 00000000 ___RD () C:\Users\Public\Recorded TV


*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully.
HKU\Owner\Software\Microsoft\Windows\CurrentVersion\Run\\BackgroundContainer => Value not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Program Files (x86)\Mobogenie => Moved successfully.
C:\Users\Owner\AppData\Local\Conduit => Moved successfully.
C:\Program Files (x86)\UTuberAdBlocker => Moved successfully.
C:\Program Files (x86)\greatsavier => Moved successfully.
C:\Users\Owner\AppData\Roaming\mysearchdial => Moved successfully.
C:\ProgramData\PCPowerSpeed => Moved successfully.
C:\Program Files (x86)\Browsersafeguard => Moved successfully.
C:\Windows\SpeedItup Free => Moved successfully.
C:\Users\Owner\AppData\Local\Mobogenie => Moved successfully.
C:\Windows\System32\NDF => Moved successfully.
C:\Windows\L2Schemas => Moved successfully.
"C:\Program Files (x86)\Mobogenie" => File/Directory not found.
C:\Program Files (x86)\Inbox.com => Moved successfully.
C:\ProgramData\McAfee Security Scan => Moved successfully.
C:\Users\Public\Recorded TV => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====



#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 29 April 2014 - 10:59 AM

Scan with Farbar´s Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

 

 

Scan with Mini Toolbox 


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
 

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 08 May 2014 - 04:21 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 AM

Posted 08 May 2014 - 04:31 PM

This topic has been re-opened at the request of the person who originally posted.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#15 rbrtcarp

rbrtcarp
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 08 May 2014 - 04:47 PM

Thank you :)

 

Farbar Service Scanner Version: 03-05-2014
Ran by Owner (administrator) on 08-05-2014 at 17:19:35
Running from "E:\"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Owner (administrator) on 08-05-2014 at 17:38:41
Running from "E:\"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Broadcom 802.11n Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
   Physical Address. . . . . . . . . : C4-17-FE-0F-F0-FF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 70-5A-B6-26-3A-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{856ED3C4-B8B5-470E-B3C2-641E5FDB459F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5BE19D4E-A13B-4AD2-85A9-37073276EBF1}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...c4 17 fe 0f f0 ff ......Broadcom 802.11n Network Adapter
 10...70 5a b6 26 3a b6 ......Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/08/2014 05:29:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

Error: (05/08/2014 05:29:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/08/2014 05:29:00 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service MSDTC Bridge 4.0.0.0 (MSDTC Bridge 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

Error: (05/08/2014 05:29:00 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/08/2014 05:29:00 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service SMSvcHost 4.0.0.0 (SMSvcHost 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

Error: (05/08/2014 05:29:00 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/08/2014 05:28:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service SMSvcHost 4.0.0.0 (SMSvcHost 4.0.0.0) failed. The first DWORD in the Data section contains the error code.

Error: (05/08/2014 05:28:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/08/2014 05:26:10 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (05/08/2014 05:23:11 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.


System errors:
=============
Error: (05/08/2014 05:16:30 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
hlnfd

Error: (05/08/2014 05:16:07 PM) (Source: Service Control Manager) (User: )
Description: The MgAssist Service service failed to start due to the following error:
%%2

Error: (05/08/2014 05:16:07 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (05/08/2014 05:16:04 PM) (Source: Service Control Manager) (User: )
Description: The WLAN AutoConfig service terminated with the following error:
%%3

Error: (05/08/2014 05:16:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN AutoConfig service has failed to start.

Error Code: 3

Error: (05/08/2014 05:15:16 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (05/08/2014 05:15:16 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (05/08/2014 05:15:27 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:17:07 AM on ?4/?29/?2014 was unexpected.

Error: (04/29/2014 07:14:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (04/29/2014 07:14:00 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-24 20:47:14.569
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-24 20:47:13.852
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-24 20:47:13.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-24 20:47:12.432
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-22 16:33:11.056
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-22 16:33:10.354
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Acer Arcade Deluxe (Version: 3.0.7029)
Acer Assist
Acer ePower Management (Version: 4.05.3006)
Acer eRecovery Management (Version: 4.05.3006)
Acer Games (Version: 1.0.2.5)
Acer GridVista (Version: 3.01.0730)
Acer Registration (Version: 1.02.3006)
Acer ScreenSaver (Version: 1.02.0804)
Acer Updater (Version: 1.01.3017)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.7.0.19480)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Download Assistant (Version: 1.0.2)
Adobe Fireworks CS5 (Version: 11.0)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Media Player (Version: 1.8)
Adobe Reader 9.4.4 MUI (Version: 9.4.4)
ALPS Touch Pad Driver (Version: Version 7.102.2002.209)
Amazon Kindle
AMD USB Filter Driver (Version: 1.0.11.86)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.10)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Canon Easy-WebPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 3.0
Canon MP250 series MP Drivers
Canon MP250 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full Existing (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full New (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Light (Version: 2009.0729.2227.38498)
Catalyst Control Center InstallProxy (Version: 2009.0729.2227.38498)
Catalyst Control Center Localization All (Version: 2009.0729.2227.38498)
CCC Help Chinese Standard (Version: 2009.0729.2226.38498)
CCC Help Chinese Traditional (Version: 2009.0729.2226.38498)
CCC Help Czech (Version: 2009.0729.2226.38498)
CCC Help Danish (Version: 2009.0729.2226.38498)
CCC Help Dutch (Version: 2009.0729.2226.38498)
CCC Help English (Version: 2009.0729.2226.38498)
CCC Help Finnish (Version: 2009.0729.2226.38498)
CCC Help French (Version: 2009.0729.2226.38498)
CCC Help German (Version: 2009.0729.2226.38498)
CCC Help Greek (Version: 2009.0729.2226.38498)
CCC Help Hungarian (Version: 2009.0729.2226.38498)
CCC Help Italian (Version: 2009.0729.2226.38498)
CCC Help Japanese (Version: 2009.0729.2226.38498)
CCC Help Korean (Version: 2009.0729.2226.38498)
CCC Help Norwegian (Version: 2009.0729.2226.38498)
CCC Help Polish (Version: 2009.0729.2226.38498)
CCC Help Portuguese (Version: 2009.0729.2226.38498)
CCC Help Russian (Version: 2009.0729.2226.38498)
CCC Help Spanish (Version: 2009.0729.2226.38498)
CCC Help Swedish (Version: 2009.0729.2226.38498)
CCC Help Thai (Version: 2009.0729.2226.38498)
CCC Help Turkish (Version: 2009.0729.2226.38498)
ccc-core-static (Version: 2009.0729.2227.38498)
ccc-utility64 (Version: 2009.0729.2227.38498)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dante (Version: 1.0.1)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
eBay Worldwide (Version: 2.1.0901)
eSobi v2 (Version: 2.0.4.000274)
Google Chrome (Version: 32.0.1700.102)
Google Earth (Version: 7.1.2.2041)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
Identity Card (Version: 1.00.3003)
InternetHelper3.1 Toolbar for IE (Version: 6.17.1.25)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 3.0.03)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
McAfee Security Scan Plus (Version: 3.8.130.10)
MemTurbo 4
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 1.00.0000)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Mobile Broadband Generic Drivers (Version: 2.03.09.005.14)
Mobile PhoneTools (Version: 3.55)
Mobogenie
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mysteryville (remove only)
MyWinLocker (Version: 3.1.76.0)
Norton Online Backup (Version: 1.2.0.36)
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6623)
PANTECH USB Modem V2 (Version: 1.2.4151.1109)
Public Enemies - Bonnie and Clyde (Version: 2.2.0.95)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30095)
Revo Uninstaller 1.95 (Version: 1.95)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Severe Weather Alerts (Version: 1.23.0.0)
Sniffy Pro (Version: 6.2.4)
U.S. Cellular Broadband Connect (Version: 1.09)
Unexpected Journey (Version: 2.2.0.95)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Verizon Wireless MiFi-2200 Firmware Updates (Version: 1.0.1)
Verizon Wireless USB760 Firmware Updates (Version: 1.0.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VZAccess Manager (Version: 7.2.7.1)
Welcome Center (Version: 1.00.3008)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
ZTE Handset USB Driver
ZTE Handset USB Driver (Version: 5.2066.1.9B04)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 2812.05 MB
Available physical RAM: 1609.02 MB
Total Pagefile: 7028.23 MB
Available Pagefile: 5493.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.69 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:136.95 GB) (Free:68.97 GB) NTFS
3 Drive e: (USB20FD) (Removable) (Total:60.94 GB) (Free:60.92 GB) FAT32

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator            Guest                    Owner                    


**** End of log ****
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users