possible infections???

View previous topic View next topic Go down

possible infections???

Post by racafrustrated on Mon 10 Mar 2014, 8:56 am

My old windows XP machine was running slow and strange popups when running google chrome...

Here is the the report from AdwCleaner....

# AdwCleaner v3.020 - Report created 04/03/2014 at 16:53:37
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - 3A
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : DefaultTabSearch
Service Found : DefaultTabUpdate

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Found : C:\END
File Found : C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Found : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Found C:\Documents and Settings\Administrator\Application Data\AVG Secure Search
Folder Found C:\Documents and Settings\Administrator\Application Data\DefaultTab
Folder Found C:\Documents and Settings\Administrator\Application Data\PriceGong
Folder Found C:\Documents and Settings\Administrator\Application Data\SwvUpdater
Folder Found C:\Documents and Settings\Administrator\Application Data\uniblue
Folder Found C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG Secure Search
Folder Found C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
Folder Found C:\Documents and Settings\Administrator\Local Settings\Application Data\DownloadTerms
Folder Found C:\Documents and Settings\Administrator\Local Settings\Application Data\PackageAware
Folder Found C:\Documents and Settings\Administrator\Local Settings\Application Data\strongvault
Folder Found C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
Folder Found C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
Folder Found C:\Documents and Settings\All Users\Application Data\SaveAs
Folder Found C:\Documents and Settings\All Users\Application Data\SaveAs
Folder Found C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found C:\Program Files\AVG Secure Search
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\DefaultTab
Folder Found C:\Program Files\Free Offers from Freeze.com
Folder Found C:\Program Files\SaveValet
Folder Found C:\Program Files\Viewpoint
Folder Found C:\WINDOWS\system32\AI_RecycleBin
Folder Found C:\WINDOWS\system32\TempDir

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\caphyon
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\Default Tab
Key Found : HKCU\Software\DefaultTab
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B422F1BC-9ADB-48A7-8B13-00C176039DC5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B422F1BC-9ADB-48A7-8B13-00C176039DC5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKCU\Software\pc optimizer pro
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\SocialBit
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\Software\DefaultTab
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab Chrome
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\Viewpoint
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : homepage
Found : homepage

*************************

AdwCleaner[R0].txt - [13235 octets] - [04/03/2014 16:53:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13296 octets] ##########

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by Belahzur on Mon 10 Mar 2014, 9:01 am

Hi.
That is the Scan log, did you press the Clean button after?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Mon 10 Mar 2014, 9:03 am

No.... I ran the malware bytes next....

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
[You must be registered and logged in to see this link.]

Database version: v2014.03.04.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: 3A [administrator]

Protection: Enabled

3/4/2014 5:02:30 PM
mbam-log-2014-03-04 (17-02-30).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 942517
Time elapsed: 5 hour(s), 12 minute(s), 9 second(s)

Memory Processes Detected: 2
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> 704 -> Delete on reboot.
C:\Program Files\DefaultTab\DefaultTabHost.exe (PUP.Optional.DefaultTab.A) -> 3196 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 31
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX.1 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} (PUP.Optional.RelatedSearchs.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} (PUP.Optional.RelatedSearchs.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabSearch (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\DefaultTabBHO.DLL (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\Software\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\CROSSRIDER (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKCU\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.0.14.0 -> Quarantined and deleted successfully.
HKCU\Software\Crossrider|Verifier (PUP.Optional.CrossRider.A) -> Data: a68d5097cdce3312ed02212c175d1e3a -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.0.14.0 -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchResults) -> Bad: (http://www.mysearchresults.com/?c=9001&t=03) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 75
C:\Program Files\DefaultTab (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\SaveAs (PUP.OPtional.SaveAs.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\Apps (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Updater12555 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\_locales (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\_locales\en (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\plugins (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files\SaveValet (PUP.Optional.SaveValet.A) -> Quarantined and deleted successfully.

Files Detected: 554
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe (Trojan.Agent.GN) -> Quarantined and deleted successfully.
C:\WINDOWS\I386\LANG\IMJPMIG.EX_ (Trojan.Agent.GN) -> Quarantined and deleted successfully.
C:\WINDOWS\ime\imjp8_1\imjpmig.exe (Trojan.Agent.GN) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dllcache\imjpmig.exe (Trojan.Agent.GN) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DefaultTabStart.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DefaultTabStart64.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DefaultTabWrap.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DefaultTabWrap64.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Updater12555\Updater12555.exe (PUP.Optional.JollyWallet) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\regincd2.exe (Spyware.OnLineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\Media Player Setup__2467_il742844.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\UpdUninstall.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\nsnB15.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\nsv2ED1.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\nsw2ED6.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\jw_amonetize_101_10_20.exe (PUP.Optional.JollyWallet) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\dlLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\chlogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\ielogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\Media Player Setup__2467_il742844.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\expertpdf7.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1914\A0217604.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1914\A0217605.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1914\A0217606.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1914\A0217607.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1914\A0217608.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1915\A0217711.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1915\A0217712.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1915\A0217713.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1915\A0217714.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1915\A0217715.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1916\A0217854.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1916\A0217856.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1916\A0217857.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1916\A0217858.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1916\A0217859.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218194.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218195.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218196.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218197.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218198.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218268.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218271.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218274.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218276.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1917\A0218280.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1891\A0212873.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1903\A0215456.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1903\A0215457.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1903\A0215458.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1903\A0215459.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1903\A0215460.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1906\A0216011.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1906\A0216012.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1906\A0216013.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1906\A0216014.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1906\A0216015.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1907\A0216326.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1907\A0216324.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1907\A0216325.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1907\A0216327.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9786E1A5-2E7F-4801-91A9-EF3D4F91683E}\RP1907\A0216328.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Program Files\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab\DefaultTab.crx (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab\DefaultTabHost.exe (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\Program Files\DefaultTab\DefaultTabHost.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab\DefaultTabSearch.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab\uid (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files\DefaultTab\uninstaller.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SaveAs\dfpcineafdikocogkknbkfkcgedblnip.crx (PUP.OPtional.SaveAs.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SaveAs\50ca3af509405.html (PUP.OPtional.SaveAs.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SaveAs\50ca3af50943e.js (PUP.OPtional.SaveAs.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\addon.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\amazon_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\blocklist.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.cfg (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DT.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\DTReg.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\ebay_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\facebook_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\searchhere.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\search_here_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\twitter_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\uninstalldt.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\update.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\wikipedia_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\DefaultTab\DefaultTab\youtube_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\CT3289847.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\initData.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\ct3289847\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\18x18.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\background.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\blank.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\icon.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\manifest.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\new_tab.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\search_box.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\injection.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Mon 10 Mar 2014, 9:04 am

part 2..... it was too big...


C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\help.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\bg.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\content.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\md5.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\ScriptChecker.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\ScriptInjector.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.8_0\_locales\en\messages.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\18x18.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\background.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\blank.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\manifest.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\new_tab.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\search_box.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\injection.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\help.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\bg.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\content.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\18x18.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\background.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\blank.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\manifest.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\new_tab.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\search_box.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\injection.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\help.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\bg.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\content.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.27_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\18x18.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\background.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\blank.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\manifest.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\new_tab.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\search_box.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\injection.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\jquery-

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Mon 10 Mar 2014, 9:05 am

part 3 of 3....


ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\help.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\bg.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\content.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.28_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\18x18.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\background.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\blank.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\manifest.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\new_tab.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\search_box.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\injection.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\help.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\bg.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\content.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\18x18.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\background.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\blank.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\manifest.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\new_tab.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\search_box.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\injection.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\help.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\bg.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\content.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ScriptChecker.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ScriptInjector.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins\npDefaultTabSearch.dll (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\18x18.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\background.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\blank.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\manifest.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\manifest_no_button.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\new_tab.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\search_box.html (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\injection.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\jquery-ui-1.8.16.custom.css (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_222222_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_454545_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_888888_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\help.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Bing.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Google.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Search here.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Yahoo.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\bullet_arrow_down.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\bullet_arrow_down_old.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\icon.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search-inner-wrapper.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search-left.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_arrow_top_button.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_arrow_top_button_hovered.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_left_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_left_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_middle_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_right_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_right_bottom_border_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_bg.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_left_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_left_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_right_before_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_right_corner.png (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\bg.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\ConfigManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\content.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\InjectionManager.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery-1.7.1.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery-ui-1.8.16.custom.min.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery.guid.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\newTab.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\ScriptChecker.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\ScriptInjector.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\SearchBox.js (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files\SaveValet\extension.crx (PUP.Optional.SaveValet.A) -> Quarantined and deleted successfully.

(end)

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by Belahzur on Mon 10 Mar 2014, 9:06 am

That's a lot :p

Can you re-run adw and let it re-run it's scan, then press Clean afterwards and post the removal log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Mon 10 Mar 2014, 9:29 am

Here it is.... # AdwCleaner v3.020 - Report created 09/03/2014 at 14:59:00
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - 3A
# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security

Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\WINDOWS\system32\AI_RecycleBin
Folder Deleted : C:\WINDOWS\system32\TempDir
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application

Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application

Data\Conduit
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application

Data\DownloadTerms
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application

Data\PackageAware
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application

Data\strongvault
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\AVG Secure

Search
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\DefaultTab
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\SwvUpdater
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\uniblue
File Deleted : C:\END
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application

Data\Google\Chrome\User Data\Default\Local

Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application

Data\Google\Chrome\User Data\Default\Local

Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-

11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-

4DE6-BFB6-AD540AD427CD}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety

plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-

11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-

4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-

4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B422F1BC-9ADB-

48A7-8B13-00C176039DC5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-

4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-

40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E

-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F

-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B422F1BC-9ADB

-48A7-8B13-00C176039DC5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA

-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-

266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-

4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED

-B567-48701376298E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-

B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-

B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-

B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-

55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted :

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardPro

file\AuthorizedApplications\List [C:\Program Files\Common Files\SafeNet Sentinel\Sentinel

Keys Server\sntlkeyssrvr.exe]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\caphyon
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SocialBit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG

Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\ViewpointMediaPlayer

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v

[ File : C:\Documents and Settings\Administrator\Local Settings\Application

Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [13377 octets] - [04/03/2014 17:53:37]
AdwCleaner[R1].txt - [10920 octets] - [09/03/2014 14:55:51]
AdwCleaner[S0].txt - [11094 octets] - [09/03/2014 14:59:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11155 octets] ##########

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by Belahzur on Mon 10 Mar 2014, 9:30 am

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted.
  • Under Extra Registry, select Use Safelist if it isn't already selected.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • Please attach both logs.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Tue 11 Mar 2014, 2:07 am

Here you go....

OTL logfile created on: 3/9/2014 3:26:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.97 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 65.11% Memory free
4.28 Gb Paging File | 3.21 Gb Available in Paging File | 75.05% Paging File free
Paging file location(s): C:\pagefile.sys 1500 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 35.02 Gb Free Space | 24.26% Space Free | Partition Type: NTFS
Drive D: | 4.72 Gb Total Space | 1.41 Gb Free Space | 29.98% Space Free | Partition Type: FAT32
Drive O: | 927.61 Gb Total Space | 926.23 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
Drive P: | 1117.83 Gb Total Space | 932.29 Gb Free Space | 83.40% Space Free | Partition Type: NTFS
Drive Z: | 2768.10 Gb Total Space | 2572.96 Gb Free Space | 92.95% Space Free | Partition Type: NTFS

Computer Name: 3A | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/03/09 15:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2014/03/01 19:35:27 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2014/01/02 17:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2013/11/20 02:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/11/20 02:54:00 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/10/23 02:06:16 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/07/10 01:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013/07/04 15:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2013/05/03 18:18:24 | 009,891,328 | ---- | M] (LaCie SA) -- C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe
PRC - [2013/04/04 15:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 15:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 15:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/08 07:28:03 | 000,065,472 | ---- | M] (LISTECH Pty. Ltd.) -- C:\WINDOWS\system32\LiscadUpdate.exe
PRC - [2012/05/07 01:35:26 | 000,126,976 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
PRC - [2010/10/20 08:06:04 | 001,250,592 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2010/10/20 02:03:02 | 000,374,048 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2010/10/20 02:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
PRC - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008/04/14 06:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/07/05 20:52:28 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2004/10/21 18:44:00 | 002,744,832 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/10/21 15:20:00 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/09/21 11:10:12 | 000,550,400 | ---- | M] () -- C:\WINDOWS\mHotkey.exe
PRC - [2004/03/02 20:24:50 | 005,576,704 | ---- | M] (Chicony) -- C:\WINDOWS\CNYHKey.exe


========== Modules (No Company Name) ==========

MOD - [2014/03/01 19:35:25 | 000,394,568 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\ppgooglenaclpluginchrome.dll
MOD - [2014/03/01 19:35:24 | 013,632,840 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
MOD - [2014/03/01 19:35:23 | 004,061,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\pdf.dll
MOD - [2014/03/01 19:35:17 | 001,647,432 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
MOD - [2014/03/01 19:35:15 | 000,051,016 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
MOD - [2014/01/02 17:45:04 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/10/18 16:55:02 | 025,100,288 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\libcef.dll
MOD - [2013/05/02 16:36:24 | 000,194,048 | ---- | M] () -- C:\Program Files\LaCie\Network Assistant\curllib.dll
MOD - [2013/05/02 16:36:24 | 000,110,592 | ---- | M] () -- C:\Program Files\LaCie\Network Assistant\openldap.dll
MOD - [2010/09/13 08:06:45 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2009/08/18 15:54:22 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/02/28 10:25:14 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\DWFPortMon3.dll
MOD - [2005/07/25 15:50:16 | 000,051,716 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2004/09/21 11:10:12 | 000,550,400 | ---- | M] () -- C:\WINDOWS\mHotkey.exe
MOD - [2003/12/08 03:36:28 | 000,049,152 | ---- | M] () -- C:\WINDOWS\CNYUSB.dll
MOD - [2003/05/16 07:09:32 | 000,011,776 | ---- | M] () -- C:\WINDOWS\HIDMNT.dll
MOD - [2002/09/26 03:07:02 | 000,005,120 | ---- | M] () -- C:\WINDOWS\HKCYDLL.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe -- (vToolbarUpdater18.0.0)
SRV - [2013/11/20 02:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/04 15:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 15:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/01/08 07:28:03 | 000,065,472 | ---- | M] (LISTECH Pty. Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LiscadUpdate.exe -- (LISCADUpdate)
SRV - [2012/05/07 01:35:26 | 000,126,976 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\system32\Crypserv.exe -- (Crypkey License)
SRV - [2011/11/10 06:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/10/20 08:06:04 | 001,250,592 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2010/10/20 02:03:02 | 000,374,048 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2010/10/20 02:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe -- (SentinelSecurityRuntime)
SRV - [2010/05/26 10:38:18 | 000,134,984 | ---- | M] (PEERNET Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\PNSvc8.exe -- (PEERNET Spooler Service)
SRV - [2008/04/14 06:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 06:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)
SRV - [2008/04/14 06:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/14 06:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2005/12/09 15:07:02 | 000,323,584 | ---- | M] (MAUS Software) [On_Demand | Stopped] -- C:\Program Files\Common Files\WPE\wpeserv.exe -- (WPEServ)
SRV - [2005/07/20 10:58:04 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2005/07/05 20:52:28 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014/03/04 09:27:16 | 000,042,784 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/11/25 02:48:36 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/10/23 02:05:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/07/20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/07/20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2013/07/01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2013/04/04 15:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2013/02/27 07:11:00 | 000,079,728 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WibuKey.sys -- (WIBUKEY)
DRV - [2012/05/07 01:35:24 | 000,020,742 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX)
DRV - [2010/10/20 08:05:02 | 000,038,472 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (SNTNLUSB)
DRV - [2009/09/17 08:05:02 | 000,092,712 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\sentinel.sys -- (Sentinel)
DRV - [2006/12/07 09:56:15 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV05.sys -- (ACEDRV05)
DRV - [2005/07/05 20:54:00 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2004/10/27 18:24:00 | 002,297,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/08/12 17:45:52 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/06/17 15:56:22 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/06/17 15:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 15:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/06/16 05:14:00 | 000,180,480 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2003/12/30 04:38:52 | 000,028,080 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\incdrm.sys -- (incdrm)
DRV - [2001/08/17 12:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC D7 6C B0 0D 84 CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{4F7C1255-D998-4BDD-991E-F85708A8EE7E}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{66742AE2-EDD2-4A7A-B75E-698025D4726B}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{8C01CEAB-66F2-46E8-ACFA-07A93E3DC6A8}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: [You must be registered and logged in to see this link.]
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Docs PDF/PowerPoint Viewer (by Google) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2004/08/04 12:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (Autodesk DWF) - {F03966D3-8EA0-47b4-BBE0-85BFE6CBC8AC} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll (Autodesk, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Autodesk DWF) - {F03966D3-8EA0-47B4-BBE0-85BFE6CBC8AC} - C:\Program Files\Autodesk\Autodesk DWF Writer\DWF Addin\DWFIEAddin.dll (Autodesk, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\mHotkey.exe ()
O4 - HKLM..\Run: [Gateway Extended Warranty] C:\Program Files\Gateway\GWCares\GWCares.exe (BillP Studios)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [ledpointer] C:\WINDOWS\CNYHKey.exe (Chicony)
O4 - HKLM..\Run: [Mixersel] C:\Program Files\Realtek\InstallShield\mixersel.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Administrator\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [LaCie Ethernet Agent Startup] C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe (LaCie SA)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Open with PDF Professional 2 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Program Files\DATA BECKER\PDF Professional 2\pdfshell.dll (TODO: )
O9 - Extra 'Tools' menuitem : Open with PDF Professional 2 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Program Files\DATA BECKER\PDF Professional 2\pdfshell.dll (TODO: )
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: isqft.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O16 - DPF: {87C434E6-67DF-4D2C-9136-49E98C15FCD7} [You must be registered and logged in to see this link.] (BravaClientXView 6.0 Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_26)
O16 - DPF: {D347D9C2-C12A-43E8-A1AC-E12623F839D5} [You must be registered and logged in to see this link.] (BravaClientXWrapperCtrl 7.0 Class)
O16 - DPF: {DB90DEA9-0897-4B02-9FE0-1E321A22EAB0} [You must be registered and logged in to see this link.] (Chilkat Zip2)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} [You must be registered and logged in to see this link.] (Persits Software XUpload)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1825C44D-9677-473B-B37D-94B8C01BFE1D}: NameServer = 4.2.2.1,4.2.2.2
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/12/28 12:22:12 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2004/05/26 13:25:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/09/13 12:15:24 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/07/24 13:23:36 | 000,000,000 | ---- | M] () - O:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{982db5a4-86fe-11e0-bdd6-001320079112}\Shell\AutoRun\command - "" = F:\RunClubSanDisk.exe
O33 - MountPoints2\{d778a9da-1f60-11e1-be69-001320079112}\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/03/09 15:25:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2014/03/05 10:30:14 | 000,000,000 | ---D | C] -- C:\Avenger
[2014/03/04 17:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2014/03/04 17:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/04 17:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/03/04 17:56:46 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/03/04 17:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/03/04 17:56:07 | 010,284,816 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2014/03/04 17:53:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/27 14:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\AutoDWG
[2014/02/27 14:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AutoDWG
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Administrator\Desktop\Section PDF...
[2014/03/09 15:49:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/09 15:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2014/03/09 15:10:05 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/03/09 15:08:50 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/09 15:08:49 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\PC Optimizer Pro startups.job
[2014/03/09 15:08:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/09 15:08:30 | 3194,224,640 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/09 15:01:18 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-15332005-4195891953-2897543146-500UA.job
[2014/03/09 14:31:51 | 000,987,442 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\SecurityCheck.exe
[2014/03/09 14:24:00 | 000,522,158 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/03/09 14:24:00 | 000,101,902 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/03/07 15:43:47 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\00000187.LCS
[2014/03/07 15:34:26 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2014/03/07 14:50:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\DTReg.job
[2014/03/07 14:01:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-15332005-4195891953-2897543146-500Core.job
[2014/03/07 13:53:01 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2014/03/07 10:39:30 | 000,000,049 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2014/03/07 08:25:52 | 000,002,513 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2003.lnk
[2014/03/06 14:48:42 | 000,130,548 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\doc_17116.pdf
[2014/03/06 14:47:54 | 000,420,727 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\doc_17092.pdf
[2014/03/06 14:44:29 | 000,530,970 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\doc_17104.pdf
[2014/03/06 00:30:47 | 000,113,738 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\doc_16480.pdf
[2014/03/06 00:29:41 | 000,130,548 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\doc_17116.pdf
[2014/03/05 08:50:01 | 000,001,108 | RHS- | M] () -- C:\Documents and Settings\Administrator\ntuser.pol
[2014/03/04 17:56:48 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/04 17:56:19 | 010,284,816 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2014/03/04 17:53:16 | 001,244,192 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
[2014/03/04 09:27:16 | 000,042,784 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/03/04 00:05:08 | 000,002,362 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/04 00:05:08 | 000,002,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2014/02/27 14:00:14 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DGN to DWG Converter 2013.lnk
[2014/02/19 18:04:38 | 013,410,506 | ---- | M] () -- C:\12-051-PLANNING.dwg
[2014/02/14 09:20:13 | 000,068,705 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\GetContent.png
[2014/02/13 08:56:51 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

File not found -- C:\Documents and Settings\Administrator\Desktop\Section PDF...
[2014/03/09 14:31:49 | 000,987,442 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\SecurityCheck.exe
[2014/03/06 14:48:42 | 000,130,548 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\doc_17116.pdf
[2014/03/06 14:47:54 | 000,420,727 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\doc_17092.pdf
[2014/03/06 14:44:28 | 000,530,970 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\doc_17104.pdf
[2014/03/06 00:30:46 | 000,113,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\doc_16480.pdf
[2014/03/06 00:29:38 | 000,130,548 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\doc_17116.pdf
[2014/03/04 17:56:48 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/04 17:53:15 | 001,244,192 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe
[2014/02/27 14:00:14 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DGN to DWG Converter 2013.lnk
[2014/02/19 18:04:38 | 009,159,360 | ---- | C] () -- C:\12-051-PLANNING.bak
[2014/02/14 09:20:10 | 000,068,705 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\GetContent.png
[2014/01/29 11:46:38 | 000,724,992 | ---- | C] () -- C:\WINDOWS\System32\OC611as.dll
[2014/01/29 11:46:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\UsbMgln.dll
[2014/01/29 11:46:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\COMWRK32.INI
[2014/01/14 18:20:07 | 000,000,363 | ---- | C] () -- C:\WINDOWS\IDload.INI
[2014/01/14 18:09:40 | 000,000,055 | ---- | C] () -- C:\WINDOWS\hcomw32.ini
[2014/01/14 18:09:14 | 000,000,149 | ---- | C] () -- C:\WINDOWS\Studio.INI
[2013/12/11 11:33:37 | 000,033,708 | ---- | C] () -- C:\WINDOWS\System32\drivers\Usbkey.sys
[2013/12/11 11:33:35 | 000,012,480 | ---- | C] () -- C:\WINDOWS\System32\KL2N.DLL
[2013/12/11 11:33:34 | 000,008,968 | ---- | C] () -- C:\WINDOWS\System32\KL2DLL.DLL
[2013/12/11 11:33:34 | 000,007,440 | ---- | C] () -- C:\WINDOWS\System32\ppmon.dll
[2013/12/11 11:33:33 | 000,024,136 | ---- | C] () -- C:\WINDOWS\System32\ppmon.exe
[2013/10/18 16:48:22 | 000,261,456 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/08/14 08:04:46 | 000,001,108 | RHS- | C] () -- C:\Documents and Settings\Administrator\ntuser.pol
[2013/08/12 09:22:45 | 000,723,230 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2013/08/12 09:22:45 | 000,012,806 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/03/01 11:38:20 | 000,000,769 | ---- | C] () -- C:\WINDOWS\strsvr.ini
[2013/03/01 11:38:13 | 000,000,225 | ---- | C] () -- C:\WINDOWS\srctblbrows.ini
[2013/03/01 11:36:44 | 000,002,899 | ---- | C] () -- C:\WINDOWS\rtknavi.ini
[2013/03/01 11:36:17 | 000,001,091 | ---- | C] () -- C:\WINDOWS\rtkconv.ini
[2013/03/01 11:36:15 | 000,002,214 | ---- | C] () -- C:\WINDOWS\rtkpost.ini
[2013/03/01 11:35:52 | 000,001,506 | ---- | C] () -- C:\WINDOWS\rtkplot.ini
[2013/02/22 09:01:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/02/21 14:07:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TopconReportViewer.INI
[2013/02/21 11:24:50 | 000,000,004 | ---- | C] () -- C:\WINDOWS\vx86036.dat
[2013/02/05 08:44:37 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\winscp.rnd
[2012/08/21 11:15:58 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PUTTY.RND
[2012/05/07 01:35:26 | 000,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe
[2012/05/07 01:35:24 | 000,020,742 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2011/03/03 08:24:00 | 007,742,007 | ---- | C] () -- C:\Documents and Settings\Administrator\site3d.obs
[2011/03/03 08:20:20 | 000,888,832 | ---- | C] () -- C:\Documents and Settings\Administrator\teqc.exe
[2009/05/11 08:45:07 | 000,000,085 | ---- | C] () -- C:\Documents and Settings\Administrator\appletfile.props
[2006/05/15 08:43:41 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/25 15:17:03 | 000,006,473 | ---- | C] () -- C:\Documents and Settings\Administrator\Administrator_notes.dat
[2005/07/20 14:23:06 | 000,037,906 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\wklnhst.dat
[2005/07/20 12:02:10 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2001/02/26 14:48:40 | 000,076,544 | R--- | C] () -- C:\Program Files\SBCMHELP.chm
[2001/02/26 14:24:02 | 000,076,175 | R--- | C] () -- C:\Program Files\msphelp.chm
[2001/02/26 14:22:44 | 000,180,838 | R--- | C] () -- C:\Program Files\OWSHLP10.CHM

========== ZeroAccess Check ==========

[2005/07/05 20:26:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 06:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 236 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A93C4716

< End of report >

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Tue 11 Mar 2014, 2:08 am

Here are the Extras...

OTL Extras logfile created on: 3/9/2014 3:26:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.97 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 65.11% Memory free
4.28 Gb Paging File | 3.21 Gb Available in Paging File | 75.05% Paging File free
Paging file location(s): C:\pagefile.sys 1500 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 35.02 Gb Free Space | 24.26% Space Free | Partition Type: NTFS
Drive D: | 4.72 Gb Total Space | 1.41 Gb Free Space | 29.98% Space Free | Partition Type: FAT32
Drive O: | 927.61 Gb Total Space | 926.23 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
Drive P: | 1117.83 Gb Total Space | 932.29 Gb Free Space | 83.40% Space Free | Partition Type: NTFS
Drive Z: | 2768.10 Gb Total Space | 2572.96 Gb Free Space | 92.95% Space Free | Partition Type: NTFS

Computer Name: 3A | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.scr [@ = AutoCADScriptFile] -- C:\Program Files\Windows NT\Accessories\WORDPAD.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1046:TCP" = 1046:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" = C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE:*:Enabled:Microsoft Office Word -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Administrator\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\Administrator\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client -- (Akamai Technologies, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Documents and Settings\Administrator\My Documents\Downloads\rinex\rtklib_2.4.1_bin\rtklib_2.4.1_bin\bin\rtknavi.exe" = C:\Documents and Settings\Administrator\My Documents\Downloads\rinex\rtklib_2.4.1_bin\rtklib_2.4.1_bin\bin\rtknavi.exe:*:Enabled:rtknavi -- ()
"C:\Documents and Settings\Administrator\My Documents\Downloads\rinex\rtklib_2.4.1_bin\rtklib_2.4.1_bin\bin\rtknavi_mkl.exe" = C:\Documents and Settings\Administrator\My Documents\Downloads\rinex\rtklib_2.4.1_bin\rtklib_2.4.1_bin\bin\rtknavi_mkl.exe:*:Enabled:rtknavi_mkl -- ()
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" = C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server -- (SafeNet, Inc)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WibuKey Setup (WibuKey Remove)
"{01C4B028-D2B7-4C55-A103-1A3AE72E5377}" = Geoid Geoid09
"{05410044-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Encyclopedia Standard 2005
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{11727B36-08FC-48ED-93DE-7CDB1E76F8FD}" = Wide Format Network TWAIN Source
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A71C4F-94D9-44EA-AC98-FF8A045273AB}" = iSqFt Lite Viewer V4.01
"{1A89C9A6-578D-4501-95D4-A5C282917BC6}" = BT-PlotAssistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{202838D4-A7B6-4099-B0A4-14C12ECA2703}" = TopSURV PC
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237a4b22-78c2-11d6-a394-00104bd190b1}" = QuickBooks Pro Edition 2003
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 26
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BDFA66C-ECC8-4C56-BD75-96575401AED4}" = Autodesk Civil Design 2006
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It! Library 10
"{413A86B3-574B-497B-A715-7AB3823B9DE9}" = PDF Professional 2
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Premium 10
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}" = Google SketchUp 8
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{5783F2D7-0111-0409-0010-0060B0CE6BBA}" = Autodesk CAD Manager Tools 3.0
"{5783F2D7-4008-0409-0002-0060B0CE6BBA}" = Autodesk Land Desktop 2006
"{5783F2D7-9028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2011
"{5F2B79E2-2A1C-4809-BD86-C2914F91A6AA}" = WaterCAD Assembly Files
"{6054F774-FEF0-46C6-9311-EC97FC576FC5}" = USB Wireless Keyboard Driver
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67E4EE98-59F4-4210-89A6-A20AF5BEC689}" = Microsoft Streets and Trips 2005
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A69D94E-C569-4154-9643-72E94D1DDFDA}" = XPS Essentials Pack
"{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}" = Multimedia Keyboard Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FB3805-DDFF-11D6-902C-00104BB33C9D}" = GNSS Solutions
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C8C2AA5-FFD4-4A10-970D-152B2AB49C57}" = AVG 2013
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81FAD5EA-19B2-4A06-89EC-D65CD23AAD55}" = AVG 2013
"{82AFF6C9-6DEB-4822-A869-28CBC434FCBD}_is1" = Legal-Aid 2006 Subscription
"{82EF8297-C8B2-4CA8-9430-FF2BC8C40414}" = GWCares
"{867DA348-D324-4764-AA7B-FF491E83DD1F}" = Xerox Corporation Wide Format Scan Service
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8C2F41B3-E867-47D6-BC64-C76848F630CB}" = DGN to DWG Converter 2013
"{8CA99926-51DD-4220-8300-8F857BACD640}_is1" = Personal Trainer Studio - Legal-Aid Edition
"{8df5676e-c977-4d75-9435-c9f226588413}_is1" = Media Player
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{954D9E32-BE47-43F4-9BFF-6DB46F17EAF2}" = Sentinel Protection Installer 7.6.3
"{99D49CFA-2468-4B41-A6FA-CDAFE61F6C46}" = Rinex Manager
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AEA6B31C-503E-4260-822B-0C768DA439EE}_is1" = Pipe2012
"{AF7D5CE0-64BB-41EC-A4A7-B093AFB6AA76}" = FIRMette - Desktop
"{B1A9CD45-A702-4E3B-91ED-8CD562869901}" = DWG TrueView 2008
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{BA94B525-1469-4E00-AFE4-50ADEB8B3993}_is1" = LaCie Network Assistant 1.5.15.72
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C51C1EDC-FAA8-424B-B1CA-FFB6D34A9464}" = TopconLink v.7.5
"{C9BF156F-5EFE-4B8C-9F74-D6BF4C31C57B}" = Carlson Software 2004
"{C9E1857D-EF86-4ED8-A504-FF615981423F}" = HEC-RAS 4.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB54ABA8-D67F-47AD-A76C-2631BADA9FE5}" = Microsoft Works Suite Add-in for Microsoft Word
"{CBB6F775-E76E-49F7-98D3-1519414B1E4B}" = YouSendIt Express
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3EF967A-695B-465C-BEBF-2C8E8CDE04AC}" = Autodesk DWF Writer 3.5
"{DE1AF137-C455-494A-A817-EFE44BCCFDEE}" = Works Upgrade
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4F979C2-73FE-4B78-BE3A-9031016B9683}" = Topcon Link v.8.2.3
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED97DAF2-A955-4E19-92E7-B1CD46A64100}" = TIFF Image Printer 8.0
"{EE32FFAA-1000-2057-A60C-DE67FC0C15BE}" = LISCAD 10.0 (English UK)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F24EE4D7-7962-4C8F-A4EC-06B5A0A625DA}" = Topcon Tools v.8.2.3
"{FACF203E-0F4D-489A-B80C-D185253C8FCB}" = Autodesk Design Review 2008
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = Expert PDF 7 Reader
"{FEFE9315-473B-4697-9D4E-4E895F5CFC77}" = TopSURV PC
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3-D TopoQuads" = 3-D TopoQuads
"7-Zip" = 7-Zip 9.20
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashtech Solutions" = Ashtech Solutions
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"AutoTURN 6 Demo" = AutoTURN 6 Demo
"AVG" = AVG 2013
"BDE 5.0" = BDE 5.01
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"DWG TrueView 2008" = DWG TrueView 2008
"DWG TrueView 2011" = DWG TrueView 2011
"ePad995" = ePad995
"EPANET 2.0" = EPANET 2.0
"EPSON Printer and Utilities" = EPSON Printer Software
"FileZilla Client" = FileZilla Client 3.5.3
"FlexUnits" = FlexUnits
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"ie8" = Windows Internet Explorer 8
"InstallShield_{CBB6F775-E76E-49F7-98D3-1519414B1E4B}" = YouSendIt Express
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MDI Viewer for Microsoft Office" = MDI Viewer for Microsoft Office 2.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Money2005b" = Microsoft Money 2005
"MRW!UninstallKey" = InCD EasyWrite Reader
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"office Convert Pdf to Jpg Jpeg Tiff Free_is1" = office Convert Pdf to Jpg Jpeg Tiff Free 6.4
"Pdf995" = Pdf995
"PictureItPrem_v10" = Microsoft Picture It! Premium 10
"Polestar Virtual Printer_is1" = Polestar Virtual Printer 1.0
"Print3D for progeCAD_is1" = Print3D for progeCAD
"progeCAD 2009 Pro ENG" = progeCAD 2009 Pro ENG
"RealPlayer 6.0" = RealPlayer Basic
"Shockwave" = Shockwave
"ST6UNST #1" = Cadastral Measurement Management for Windows
"ST6UNST #2" = Cadastral Measurement Management for Windows (C:\WinCMM\)
"StarNet-Demo" = StarNet-Demo
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Tiff Surfer 3.0" = Tiff Surfer 3.0
"Topcon Link v.8" = Topcon Link v.8
"Topcon Link v.8.2.3" = Topcon Link v.8.2.3
"Topcon Tools v.8.2.3" = Topcon Tools v.8.2.3
"TopconLink v.7.5" = TopconLink v.7.5
"VLC media player" = VLC media player 1.1.11
"WaterCAD" = WaterCAD 6.5 by Haestad Methods
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinTopo" = WinTopo
"Works2005Setup" = Microsoft Works 2005 Setup Launcher
"XpsEP" = XPS Essentials Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"DownloadTerms" = DownloadTerms
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/25/2014 8:50:57 PM | Computer Name = 3A | Source = Application Error | ID = 1000
Description = Faulting application DefaultTabSearch.exe, version 0.0.0.0, faulting
module DefaultTabSearch.exe, version 0.0.0.0, fault address 0x00052674.

Error - 2/26/2014 2:59:19 PM | Computer Name = 3A | Source = Application Error | ID = 1000
Description = Faulting application DefaultTabSearch.exe, version 0.0.0.0, faulting
module DefaultTabSearch.exe, version 0.0.0.0, fault address 0x00052674.

Error - 2/26/2014 6:21:59 PM | Computer Name = 3A | Source = Application Error | ID = 1000
Description = Faulting application DefaultTabSearch.exe, version 0.0.0.0, faulting
module DefaultTabSearch.exe, version 0.0.0.0, fault address 0x00052674.

Error - 2/26/2014 9:07:52 PM | Computer Name = 3A | Source = Application Hang | ID = 1002
Description = Hanging application wlmail.exe, version 14.0.8089.726, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/26/2014 9:07:52 PM | Computer Name = 3A | Source = Application Hang | ID = 1002
Description = Hanging application wlmail.exe, version 14.0.8089.726, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/27/2014 2:38:27 PM | Computer Name = 3A | Source = Application Error | ID = 1000
Description = Faulting application DefaultTabSearch.exe, version 0.0.0.0, faulting
module DefaultTabSearch.exe, version 0.0.0.0, fault address 0x00052674.

Error - 2/28/2014 7:55:29 PM | Computer Name = 3A | Source = Application Error | ID = 1000
Description = Faulting application DefaultTabSearch.exe, version 0.0.0.0, faulting
module DefaultTabSearch.exe, version 0.0.0.0, fault address 0x00052674.

Error - 3/3/2014 12:29:53 PM | Computer Name = 3A | Source = Application Error | ID = 1000
Description = Faulting application DefaultTabSearch.exe, version 0.0.0.0, faulting
module DefaultTabSearch.exe, version 0.0.0.0, fault address 0x00052674.

Error - 3/4/2014 1:15:17 PM | Computer Name = 3A | Source = Application Error | ID = 1000
Description = Faulting application DefaultTabSearch.exe, version 0.0.0.0, faulting
module DefaultTabSearch.exe, version 0.0.0.0, fault address 0x00052674.

Error - 3/4/2014 3:28:44 PM | Computer Name = 3A | Source = Windows Live Mail | ID = 1000
Description =

[ System Events ]
Error - 3/3/2014 5:40:33 PM | Computer Name = 3A | Source = Print | ID = 6161
Description = The document 13003 SE 257th Ave - Trio.pdf owned by Administrator
failed to print on printer PDF Professional 2. Data type: NT EMF 1.008. Size of
the spool file in bytes: 5439488. Number of bytes printed: 5439488. Total number
of pages in the document: 1. Number of pages printed: 0. Client machine: \\3A.
Win32 error code returned by the print processor: 0 (0x0).

Error - 3/4/2014 12:57:41 PM | Computer Name = 3A | Source = Print | ID = 6161
Description = The document Microsoft Word - Duke Walton - Boundary Survey.doc owned
by Administrator failed to print on printer PDF Professional 2. Data type: NT EMF
1.008. Size of the spool file in bytes: 1900544. Number of bytes printed: 1900544.
Total number of pages in the document: 4. Number of pages printed: 0. Client machine:
\\3A. Win32 error code returned by the print processor: 0 (0x0).

Error - 3/4/2014 1:15:20 PM | Computer Name = 3A | Source = Service Control Manager | ID = 7034
Description = The DefaultTabSearch service terminated unexpectedly. It has done
this 1 time(s).

Error - 3/5/2014 1:31:20 PM | Computer Name = 3A | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde

Error - 3/6/2014 11:57:10 AM | Computer Name = 3A | Source = Print | ID = 19
Description = Sharing printer failed + 1722, Printer Xerox 6204 Wide Format share
name Printer3.

Error - 3/6/2014 3:38:44 PM | Computer Name = 3A | Source = Print | ID = 6161
Description = The document 01 - 1577 Fairview Sidewalks Spec Book.pdf owned by Administrator
failed to print on printer PDF Professional 2. Data type: NT EMF 1.008. Size of
the spool file in bytes: 305414868. Number of bytes printed: 280166400. Total number
of pages in the document: 11. Number of pages printed: 0. Client machine: \\3A.
Win32 error code returned by the print processor: 0 (0x0).

Error - 3/6/2014 3:47:37 PM | Computer Name = 3A | Source = Print | ID = 6161
Description = The document 01 - 1577 Fairview Sidewalks Spec Book.pdf owned by Administrator
failed to print on printer PDF Professional 2. Data type: NT EMF 1.008. Size of
the spool file in bytes: 25248588. Number of bytes printed: 25248588. Total number
of pages in the document: 1. Number of pages printed: 0. Client machine: \\3A.
Win32 error code returned by the print processor: 0 (0x0).

Error - 3/7/2014 6:40:49 PM | Computer Name = 3A | Source = Print | ID = 6161
Description = The document 001-ATP-ts-030714 owned by Administrator failed to print
on printer PDF Professional 2. Data type: NT EMF 1.008. Size of the spool file
in bytes: 917504. Number of bytes printed: 917504. Total number of pages in the
document: 1. Number of pages printed: 0. Client machine: \\3A. Win32 error code
returned by the print processor: 0 (0x0).

Error - 3/7/2014 6:43:44 PM | Computer Name = 3A | Source = Print | ID = 6161
Description = The document 001-ATP-ts-030714 owned by Administrator failed to print
on printer PDF Professional 2. Data type: NT EMF 1.008. Size of the spool file
in bytes: 917504. Number of bytes printed: 917504. Total number of pages in the
document: 1. Number of pages printed: 0. Client machine: \\3A. Win32 error code
returned by the print processor: 0 (0x0).

Error - 3/9/2014 6:09:38 PM | Computer Name = 3A | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater18.0.0 service failed to start due to the following
error: %%2


< End of report >

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by Belahzur on Tue 11 Mar 2014, 2:12 am

Hello.
Log looks good, I want 1 more scan before we can do a a final tidy up and update a few programs.

Please download JRT from here & double click to start the program.

  1. Hit any key when prompted and allow it to run through it's process.




  2. Post the log when it's finished.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Tue 11 Mar 2014, 3:00 am

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Mon 03/10/2014 at 8:25:31.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110111251155}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110111251155}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111251155}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{66742AE2-EDD2-4A7A-B75E-698025D4726B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8C01CEAB-66F2-46E8-ACFA-07A93E3DC6A8}



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\Tasks\pc optimizer pro startups.job"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\cre"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\stronghold_llc"
Successfully deleted: [Folder] "C:\Program Files\bigfix"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/10/2014 at 8:39:28.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by Belahzur on Tue 11 Mar 2014, 3:03 am

Good, that threw out the last of the junk. Please run this last script in OTL to tidy up then we can update programs.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Code:

    :OTL
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.

    :commands
    [emptytemp]
    [emptyflash]
    [clearallrestorepoints]
    [reboot]

  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Wed 12 Mar 2014, 2:22 am

I tried to run the code you posted... It appeared to lock up my computer. I let it run for over 12hr... then I had to unplug the computer to get it restarted....

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by Belahzur on Wed 12 Mar 2014, 2:47 am

okay no worries, I assume your back in normal mode now? how are things running now? we just have old programs to update now.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Wed 12 Mar 2014, 3:04 am

Its running good! Thanks!

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by racafrustrated on Wed 12 Mar 2014, 3:05 am

Its running good! Thank you!

racafrustrated

Rookie Surfer
Rookie Surfer

Posts : 124
Joined : 2009-03-16
Operating System : windows xp

View user profile

Back to top Go down

Re: possible infections???

Post by Belahzur on Wed 12 Mar 2014, 3:41 am

Hello.
Okay just update these 2 programs.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Java(TM) 6 Update 26
    J2SE Runtime Environment 5.0 Update 4

Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 7 Update 51.
  • Click the "Download JRE" button to the right.
  • In the Window that opens, select your platform, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-7u51-windows-i586.exe that you downloaded to install the newest version.

Download and install VLC Player 2.1.3
When installing, it will ask if you want to uninstall the old version first before it can install the new version, so please select yes and allow it to install.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: possible infections???

Post by Sponsored content Today at 2:58 pm


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum