Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

datamngr and win|load reoccurring IE is highjacked ! [Solved]


  • This topic is locked This topic is locked

#1
MMHarding

MMHarding

    Member

  • Member
  • PipPip
  • 31 posts
Hello,

I am having issues with my laptop running Windows 7. I have removed files with malwarebytes and adware and microsoft essentials. The infected files keep reappearing after reboots. My Internet Explorer is not working and is redirecting me to link removed and saying I need to update my media player immediately. Please help. I am a computer novice.
  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hi! MMHarding :)
Posted Image


My name is zep516
I'll do the "best" I can to resolve your computer issue!
Please be "patient" with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue. Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

First
Lets take a closer look, I need "both" log reports from the OTL scan!

Please download OTL to your Desktop
  • Double click on the Posted Image to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox and
  • Check the option for All under the Extra Registry section
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
  • OTL.txt <-- Will be opened, maximized
  • Extras.txt <-- Will be minimized on task bar.
Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Next

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click AdwCleaner.exe to run the tool.
    Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • Click the Scan button.
  • AdwCleaner will begin. Be patient as the scan may take some time to complete.
  • After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
If you already ran that scan, please post the log files for it found in C:\AdwCleaner folder


Next

Download Security Check by screen317 from Here or Here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


In your next reply post.
  • OTL.txt
  • Extras.txt
  • AdwCleaner[R0].txt
  • checkup.txt
  • Please provide the Malwarebytes log too.

Thanks
Joe :)
  • 0

#3
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
OTL.txt

OTL logfile created on: 1/29/2014 10:36:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mmharding\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.90 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 41.38% Memory free
7.80 Gb Paging File | 5.23 Gb Available in Paging File | 67.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.80 Gb Total Space | 115.29 Gb Free Space | 40.48% Space Free | Partition Type: NTFS

Computer Name: PNALT34 | User Name: mmharding | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/29 10:36:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mmharding\Downloads\OTL.exe
PRC - [2014/01/23 00:57:02 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\mmharding\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/02/07 12:35:46 | 000,546,944 | ---- | M] (ESET) -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
PRC - [2013/02/07 12:35:40 | 000,579,904 | ---- | M] () -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
PRC - [2012/12/18 06:28:10 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/06/10 04:39:00 | 000,640,568 | ---- | M] (Netgear) -- C:\Program Files (x86)\NETGEAR\NETGEAR ProSafe VPN Client Professional\vpnconf.exe
PRC - [2010/06/10 04:38:58 | 000,192,568 | ---- | M] (TheGreenBow) -- C:\Program Files (x86)\NETGEAR\NETGEAR ProSafe VPN Client Professional\tgbike.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/23 00:57:00 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppgooglenaclpluginchrome.dll
MOD - [2014/01/23 00:56:59 | 013,615,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
MOD - [2014/01/23 00:56:56 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
MOD - [2014/01/23 00:56:02 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
MOD - [2014/01/23 00:56:01 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
MOD - [2014/01/23 00:55:58 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
MOD - [2013/02/07 12:35:40 | 000,579,904 | ---- | M] () -- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/08/24 16:17:34 | 002,279,320 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe -- (DFEPService)
SRV:64bit: - [2011/07/01 13:52:32 | 001,600,000 | ---- | M] (Wave Systems Corp.) [Disabled | Stopped] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe -- (Wave Authentication Manager Service)
SRV:64bit: - [2011/05/27 17:46:56 | 003,792,240 | ---- | M] (Wave Systems Corp.) [Disabled | Stopped] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV:64bit: - [2011/05/24 15:42:08 | 002,154,888 | ---- | M] (Wave Systems Corp.) [Disabled | Stopped] -- C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV:64bit: - [2011/01/25 04:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/01/15 14:00:02 | 000,048,128 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/29 16:12:20 | 000,158,720 | ---- | M] (Broadcom Corporation) [Disabled | Stopped] -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent)
SRV:64bit: - [2010/06/10 04:38:56 | 000,162,872 | ---- | M] (TheGreenBow) [Auto | Running] -- C:\Windows\SysNative\TgbStarter.exe -- (TgbIke Starter)
SRV:64bit: - [2010/05/10 15:23:54 | 002,683,712 | ---- | M] (AuthenTec, Inc.) [Disabled | Stopped] -- C:\Program Files\Fingerprint Sensor\ATService.exe -- (ATService)
SRV:64bit: - [2010/02/10 20:50:50 | 000,072,296 | ---- | M] (O2Micro International) [Disabled | Stopped] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/03/03 05:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2014/01/14 12:51:13 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/12/20 10:34:58 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/12/20 10:34:48 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/12/10 16:03:46 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/11 13:03:22 | 000,045,056 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2013/03/11 09:23:26 | 001,248,256 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2013/03/11 09:23:10 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2012/12/18 06:28:10 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/02 12:17:40 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2012/01/19 17:11:18 | 002,594,584 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/19 17:11:14 | 000,325,912 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/17 09:08:52 | 001,633,280 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/01/25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2003/04/18 21:06:26 | 000,008,192 | ---- | M] () [Disabled | Stopped] -- c:\Windows\SysWOW64\srvany.exe -- (O2SDIOAssist)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/20 10:34:48 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/11/22 17:41:07 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/07/25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/15 01:03:16 | 000,021,872 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV:64bit: - [2012/11/15 01:03:14 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/26 13:10:14 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/26 13:10:14 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/02 12:17:40 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012/04/02 12:17:18 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/22 14:49:56 | 000,056,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/07/25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/07/22 15:28:56 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\accelern.sys -- (Acceler)
DRV:64bit: - [2011/07/20 14:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011/07/19 17:24:20 | 000,020,424 | ---- | M] (Dell Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HBtnKey.sys -- (HBtnKey)
DRV:64bit: - [2011/07/15 23:31:22 | 000,022,128 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2011/06/10 14:16:08 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/05/26 13:55:02 | 000,368,464 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/23 16:51:32 | 000,083,560 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys -- (O2SDJRDR)
DRV:64bit: - [2011/02/07 09:49:38 | 000,411,688 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2011/01/25 04:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/15 14:00:00 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2011/01/15 13:59:54 | 004,719,680 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/01/03 17:19:56 | 000,074,984 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys -- (O2MDRRDR)
DRV:64bit: - [2011/01/03 15:04:44 | 000,072,808 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys -- (O2MDFRDR)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc)
DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 22:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 21:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/10 17:22:16 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/09/03 10:40:24 | 000,104,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\basp.sys -- (Blfp)
DRV:64bit: - [2010/07/21 13:13:40 | 000,032,240 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PBADRV.SYS -- (PBADRV)
DRV:64bit: - [2010/06/10 04:38:52 | 000,027,192 | ---- | M] (TheGreenBow) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndistgb.sys -- (ndistgb)
DRV:64bit: - [2010/06/10 04:38:48 | 000,133,176 | ---- | M] (TheGreenBow) [Kernel | System | Unknown] -- C:\Windows\SysNative\drivers\DfilterVPN.sys -- (TgbIpSec)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/26 19:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/05/31 11:45:04 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {94A6AEB5-EBF4-4701-B343-CD50ACA1D879}
IE:64bit: - HKLM\..\SearchScopes\{94A6AEB5-EBF4-4701-B343-CD50ACA1D879}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{94A6AEB5-EBF4-4701-B343-CD50ACA1D879}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.earthink.net/webmail
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B 5B D0 87 4A 1C CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {F44FAA1D-AC80-492D-868C-4E27F7E65A46}
IE - HKCU\..\SearchScopes\{F44FAA1D-AC80-492D-868C-4E27F7E65A46}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\mmharding\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/01/14 11:50:06 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://mysearch.avg....sa&d=2013-02-09 21:33:23&v=15.2.0.5&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://toolbar.avg.c...earchTerms}&o=1,
CHR - homepage: http://mysearch.avg....sa&d=2013-11-16 17:23:14&v=17.1.2.1&pid=safeguard&sg=18&sap=hp
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Citrix Online Web Deployment Plugin 1.0.0.94 (Enabled) = C:\Users\mmharding\AppData\Local\Citrix\Plugins\94\npappdetector.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Wallet = C:\Users\mmharding\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

O1 HOSTS File: ([2012/06/07 12:45:19 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.52.106 RemoteDesktopServer
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [TgbVpn] C:\Program Files (x86)\NETGEAR\NETGEAR ProSafe VPN Client Professional\vpnconf.exe (Netgear)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\mmharding\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
F3:64bit: - HKCU WinNT: Load - (C:\Users\MMHARD~1\LOCALS~1\Temp\msfsirzko.exe) - File not found
F3 - HKCU WinNT: Load - (C:\Users\MMHARD~1\LOCALS~1\Temp\msfsirzko.exe) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {76392179-60A8-462D-8961-B95C14DAADF4} https://pd2.secure.b...printengine.cab (PrintEngine ActiveX Control v4.3)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5151E62B-5836-47AE-AE4C-F9DBBA4E9AF2}: DhcpNameServer = 198.224.178.135 198.224.181.135
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8652C51-1770-46A8-9FD5-6D0CA6BE8586}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDC187F3-9230-486C-91AD-261256035FF4}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18:64bit: - Protocol\Handler\intu-help-qb6 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb6 {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (wvauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/12/05 08:21:48 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8fdcd96f-ed44-11e1-846b-d067e54e8d98}\Shell - "" = AutoRun
O33 - MountPoints2\{8fdcd96f-ed44-11e1-846b-d067e54e8d98}\Shell\AutoRun\command - "" = E:\Design_Data.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/29 09:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/01/29 08:53:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/28 15:05:35 | 000,000,000 | ---D | C] -- C:\Users\mmharding\AppData\Roaming\Malwarebytes
[2014/01/28 15:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/28 15:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/28 15:05:25 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/28 15:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/28 14:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2014/01/28 14:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/01/14 12:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2014/01/14 02:56:14 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/01/14 02:29:13 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/29 10:23:37 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/29 10:23:37 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/29 10:21:19 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/29 10:01:46 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/29 08:57:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/29 08:56:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/29 08:56:29 | 3140,169,728 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/28 18:48:29 | 000,000,292 | ---- | M] () -- C:\Users\mmharding\Desktop\Google Calendar.url
[2014/01/28 14:56:02 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/01/28 11:44:01 | 000,001,405 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR ProSafe VPN Client Professional.lnk
[2014/01/27 14:03:00 | 000,039,433 | ---- | M] () -- C:\Users\mmharding\Desktop\The housing studio January 21.pdf
[2014/01/27 09:32:20 | 000,133,912 | ---- | M] () -- C:\Users\mmharding\Desktop\2014 Kittredge Variety Show Audition Packet KMS Edited.pdf
[2014/01/18 14:40:35 | 000,508,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/18 07:38:25 | 000,782,922 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/18 07:38:25 | 000,663,260 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/18 07:38:25 | 000,122,096 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/14 12:50:19 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Standard.lnk
[2014/01/11 20:38:43 | 000,045,568 | ---- | M] () -- C:\Users\mmharding\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/28 14:55:48 | 000,002,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/01/28 11:44:01 | 000,001,405 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR ProSafe VPN Client Professional.lnk
[2014/01/27 14:03:00 | 000,039,433 | ---- | C] () -- C:\Users\mmharding\Desktop\The housing studio January 21.pdf
[2014/01/27 09:32:19 | 000,133,912 | ---- | C] () -- C:\Users\mmharding\Desktop\2014 Kittredge Variety Show Audition Packet KMS Edited.pdf
[2014/01/14 12:50:18 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
[2014/01/14 12:50:18 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Standard.lnk
[2014/01/14 12:50:17 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Standard.lnk
[2013/06/26 18:15:54 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2013/06/11 00:26:10 | 000,000,724 | ---- | C] () -- C:\Windows\wacam.ini
[2013/06/02 19:47:13 | 000,213,724 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/04/01 07:23:36 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2013/04/01 07:23:36 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2013/04/01 07:23:36 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2013/04/01 07:23:36 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2013/04/01 07:23:36 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2013/04/01 07:23:36 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2013/04/01 07:23:36 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2013/04/01 07:23:36 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2013/04/01 07:23:36 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2013/04/01 07:23:36 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2013/04/01 07:23:36 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2013/04/01 07:23:36 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2013/04/01 07:23:36 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2013/04/01 07:23:36 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2013/04/01 07:23:36 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2013/04/01 07:23:36 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2013/04/01 07:15:36 | 000,000,044 | ---- | C] () -- C:\Windows\EPR220.ini
[2013/02/28 11:20:25 | 000,001,013 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2013/02/28 11:20:25 | 000,000,159 | ---- | C] () -- C:\Windows\brpcfx.ini
[2013/02/28 11:18:50 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2013/02/28 11:18:49 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2013/02/28 11:14:27 | 000,002,944 | ---- | C] () -- C:\Windows\BRPARAM.INI
[2013/01/25 22:56:46 | 000,007,672 | ---- | C] () -- C:\Users\mmharding\AppData\Local\Resmon.ResmonCfg
[2013/01/08 11:32:11 | 000,107,245 | ---- | C] () -- C:\Users\mmharding\AppData\Roaming\itldvupd.dat
[2013/01/08 11:32:11 | 000,000,210 | ---- | C] () -- C:\Users\mmharding\AppData\Roaming\itlsvc.dat
[2012/09/25 16:24:22 | 000,045,568 | ---- | C] () -- C:\Users\mmharding\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/10 14:31:02 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/05/26 12:49:28 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/05/26 12:49:27 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/05/26 12:49:25 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/05/26 12:49:23 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/05/26 12:49:21 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/05/26 11:47:36 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2012/05/26 11:47:12 | 000,000,390 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/05/26 11:46:50 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2012/05/26 11:43:22 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\instsrv.exe
[2012/05/26 11:43:22 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe

========== ZeroAccess Check ==========

[2012/12/27 12:23:00 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$4669c46d9304397464b7b5be2e1e93a4\L
[2012/12/27 12:23:00 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$4669c46d9304397464b7b5be2e1e93a4\U
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/09 17:49:56 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\261f45d0-e847-4ffe-976c-a33f0951e56c79
[2013/06/11 00:26:18 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\ACAMPREF
[2013/02/09 21:32:35 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\Canneverbe Limited
[2013/02/28 11:25:58 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\ControlCenter4
[2012/06/07 10:17:50 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\CoreFTP
[2014/01/14 02:56:50 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\Dropbox
[2013/02/24 17:15:15 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\ID Vault
[2013/12/05 23:41:12 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\MakeMusic
[2013/12/04 20:14:50 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\Musicnotes
[2013/03/01 09:05:44 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\Nuance
[2013/05/28 17:24:02 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\PC-FAX TX
[2012/06/07 14:23:28 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\Research In Motion
[2012/08/21 17:37:21 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\Roni Music
[2013/03/01 09:05:57 | 000,000,000 | ---D | M] -- C:\Users\mmharding\AppData\Roaming\Zeon

========== Purity Check ==========



< End of report >




Extras.txt

OTL Extras logfile created on: 1/29/2014 10:36:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mmharding\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.90 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 41.38% Memory free
7.80 Gb Paging File | 5.23 Gb Available in Paging File | 67.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.80 Gb Total Space | 115.29 Gb Free Space | 40.48% Space Free | Partition Type: NTFS

Computer Name: PNALT34 | User Name: mmharding | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B964A7F-5B4F-4731-81FE-CA31D4C8FE3A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{11BD8CF7-F5DB-4819-B284-7D66F354DC94}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F505D28-7A80-40F1-AE67-E4F1B8C1B8B9}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5171ABC4-D29F-46C4-A3C2-72AD81CA2966}" = lport=49168 | protocol=6 | dir=in | name=akamai netsession interface |
"{5377ED41-8158-4BD5-A45B-41E6C5DA1CE2}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{552B00C2-93BC-48F3-B286-B7ADC8E8F823}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7FBC9EC5-99EC-4C36-B50B-3FE7E5515D99}" = lport=500 | protocol=17 | dir=in | name=netgear prosafe vpn client professional phase1 |
"{855D529E-6BF9-4656-AA8C-CED768B46876}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{95907A86-1398-400F-8CB3-9044DE94B295}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{A641527D-98F0-45AF-8A94-3ECE67E31204}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B585D357-FC3D-4A37-8BE2-FF5C3DDA9F1A}" = lport=4500 | protocol=17 | dir=in | name=netgear prosafe vpn client professional phase2 |
"{E0278A12-E20B-4184-8BC9-3E18B7D4C8CE}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F145DC1A-0FB4-4822-83E7-0354090449A6}" = rport=2869 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002E09C5-6F4F-4EC6-89BB-041E34373785}" = protocol=58 | dir=in | [email protected],-148 |
"{0280026A-A253-428A-9C03-205F78A2762B}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl10g\faxrx.exe |
"{4FFF86E4-0E93-43EC-8F5D-C01D80F0F621}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl10g\faxrx.exe |
"{7C15B5F2-7475-4809-93B5-7E88FBAFF304}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{90915FE7-FF23-4C78-B682-2F0BDC8874C5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9363D1CF-ED49-4845-A069-B86F466E282B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{ED15265B-9D09-45BD-A3F2-D9171E94D834}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"TCP Query User{665C7565-F624-4034-9424-5D6E98EFAFA0}C:\users\mmharding\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mmharding\appdata\local\akamai\netsession_win.exe |
"TCP Query User{DE23BC22-9700-44A2-B1B4-F8F815BC0D89}C:\users\mmharding\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mmharding\appdata\local\akamai\netsession_win.exe |
"UDP Query User{8987B2E3-780A-4657-9EC0-1166BC758E61}C:\users\mmharding\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mmharding\appdata\local\akamai\netsession_win.exe |
"UDP Query User{FA1D2E3B-1D3F-4247-877F-C57FBEB064FA}C:\users\mmharding\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mmharding\appdata\local\akamai\netsession_win.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0335701D-8E28-4A7F-B0EF-312974755BB2}" = Modem Diagnostic Tool
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software Installer
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2EECD5EF-5095-467C-B80C-4AB3096EFD60}" = SPBA 5.9
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}" = PC-CCID
"{414B7B9C-B353-4821-9393-78AE034079E7}" = NTRU TCG Software Stack
"{4E60E212-3177-4B16-BCB3-616CCC52357D}" = Upek Touchchip Fingerprint Reader
"{50B4B603-A4C6-4739-AE96-6C76A0F8A388}" = Dell Backup and Recovery Manager
"{560DCF39-61D1-43B0-86DA-5EFF8F7A5144}" = AuthenTec Fingerprint Software
"{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}" = Adobe PDF iFilter 9 for 64-bit platforms
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{64973F6A-8754-43D1-BDD0-FC6F0546347B}" = Broadcom NetXtreme-I Netlink Driver and Management Installer
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6AC87FB3-ACFC-4416-890C-8976D5A9B371}" = Trusted Drive Manager
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}" = Custom
"{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver
"{777FF553-493D-4068-BAC7-EE2D73DB7434}" = Wave Infrastructure Installer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{91CE5F03-3A2A-4268-935A-04944F058AE9}" = Gemalto
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}" = Dell Feature Enhancement Pack
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}" = BioAPI Framework
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F839C6BD-E92E-48FA-9CE6-7BFAF94F7096}" = DellAccess
"9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
"DW WLAN Card Utility" = DW WLAN Card Utility
"EPSON Printer and Utilities" = EPSON Printer Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB3B7EE-52C7-4136-AF40-605567D90318}" = O2Micro Flash Memory Card Windows Driver
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}" = Brother MFL-Pro Suite MFC-J6710DW
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}" = Dell Client System Update
"{3167CC62-C775-4E47-92C1-73EBB845751A}" = QuickBooks
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38676C9C-270F-43D1-926A-E45DE8820A6B}" = BlackBerry Device Software Updater
"{387B63A5-5016-1015-B06B-A9A1030E3125}" = Intel® Identity Protection Technology 1.2.22.0
"{3C631966-387E-4054-85D9-BBFFABE32BD8}" = QuickBooks Pro 2013
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Netwaiting
"{42B1BDFC-9AF7-42C4-BC3C-EAED79D4DBEB}" = SmartMusic
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}" = Dell Data Protection | Access | Drivers
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}" = Dell Data Protection | Access | Middleware
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7D91856-258D-4C87-8041-B170851CE432}" = Dell Data Protection | Access
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000005}" = Adobe Acrobat X Standard - English, Français, Deutsch
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA94A899-F439-44D1-90B6-DB02A7341170}" = BlackBerry Desktop Software 7.0
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE4CA5AF-4A55-418C-8CB8-74435814207B}" = LogMeIn
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Amazing Slow Downer" = Amazing Slow Downer (remove only)
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.0
"CoreFTP(x64)" = Core FTP LE (x64)
"Dell Webcam Central" = Dell Webcam Central
"EPSON Printer and Utilities" = EPSON Printer Software
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"InstallShield_{0CB3B7EE-52C7-4136-AF40-605567D90318}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}" = O2Micro OZ776 SCR Driver
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Musicnotes Player_is1" = Musicnotes Player V1.32.2 and Viewer V1.19.0
"NETGEAR ProSafe VPN Client Professional" = NETGEAR ProSafe VPN Client Professional
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PDFtoMusic" = PDFtoMusic
"ST6UNST #1" = DowelCAD
"WinLiveSuite" = Windows Live Essentials
"Wondershare Video Editor_is1" = Wondershare Video Editor(Build 3.0.3)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 5.5.0.1133

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/28/2014 5:58:13 PM | Computer Name = PNALT34 | Source = WinMgmt | ID = 10
Description =

Error - 1/28/2014 8:54:22 PM | Computer Name = PNALT34 | Source = WinMgmt | ID = 10
Description =

Error - 1/28/2014 9:23:39 PM | Computer Name = PNALT34 | Source = WinMgmt | ID = 10
Description =

Error - 1/29/2014 8:19:09 AM | Computer Name = PNALT34 | Source = WinMgmt | ID = 10
Description =

Error - 1/29/2014 8:48:00 AM | Computer Name = PNALT34 | Source = WinMgmt | ID = 10
Description =

Error - 1/29/2014 9:01:02 AM | Computer Name = PNALT34 | Source = WinMgmt | ID = 10
Description =

Error - 1/29/2014 9:16:09 AM | Computer Name = PNALT34 | Source = WinMgmt | ID = 10
Description =

Error - 1/29/2014 9:58:23 AM | Computer Name = PNALT34 | Source = WinMgmt | ID = 10
Description =

Error - 1/29/2014 10:03:03 AM | Computer Name = PNALT34 | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\mmharding\Downloads\esetsmartinstaller_enu.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 1/29/2014 10:03:12 AM | Computer Name = PNALT34 | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\mmharding\Downloads\esetsmartinstaller_enu.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

[ Broadcom Wireless LAN Events ]
Error - 11/23/2013 4:43:49 AM | Computer Name = PNALT34 | Source = WLAN-Tray | ID = 0
Description = 03:43:49, Sat, Nov 23, 13 Error - Unable to set enhanced country code


[ System Events ]
Error - 1/29/2014 8:46:38 AM | Computer Name = PNALT34 | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error
Code: 21

Error - 1/29/2014 8:46:41 AM | Computer Name = PNALT34 | Source = DCOM | ID = 10005
Description =

Error - 1/29/2014 8:46:42 AM | Computer Name = PNALT34 | Source = DCOM | ID = 10005
Description =

Error - 1/29/2014 8:59:23 AM | Computer Name = PNALT34 | Source = Service Control Manager | ID = 7023
Description = The MicroSoft Compatibility Support service terminated with the following
error: %%127

Error - 1/29/2014 9:01:03 AM | Computer Name = PNALT34 | Source = Service Control Manager | ID = 7022
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service hung
on starting.

Error - 1/29/2014 9:14:30 AM | Computer Name = PNALT34 | Source = Service Control Manager | ID = 7023
Description = The MicroSoft Compatibility Support service terminated with the following
error: %%127

Error - 1/29/2014 9:16:02 AM | Computer Name = PNALT34 | Source = Service Control Manager | ID = 7022
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service hung
on starting.

Error - 1/29/2014 9:18:18 AM | Computer Name = PNALT34 | Source = ipnathlp | ID = 31004
Description =

Error - 1/29/2014 9:56:50 AM | Computer Name = PNALT34 | Source = Service Control Manager | ID = 7023
Description = The MicroSoft Compatibility Support service terminated with the following
error: %%127

Error - 1/29/2014 9:58:17 AM | Computer Name = PNALT34 | Source = Service Control Manager | ID = 7022
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service hung
on starting.


< End of report >
  • 0

#4
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
AdwCleaner - Does this look right? I had a little issue downloading it. And, I have run it more than once but don't know where the logs are saving.

# AdwCleaner v3.018 - Report created 29/01/2014 at 12:48:38
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : mmharding - PNALT34
# Running from : C:\Users\mmharding\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750


-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\mmharding\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10935 octets] - [29/01/2014 08:53:41]
AdwCleaner[R1].txt - [896 octets] - [29/01/2014 12:45:45]
AdwCleaner[S0].txt - [11043 octets] - [29/01/2014 08:54:36]
AdwCleaner[S1].txt - [818 octets] - [29/01/2014 12:48:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [877 octets] ##########
  • 0

#5
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
This was the first, second and last malwarebytes log - I have run a few before contacting you. One or two files continue to show up with each reboot.

First:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.28.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
mmharding :: PNALT34 [administrator]

1/28/2014 3:10:08 PM
mbam-log-2014-01-28 (15-10-08).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 27321
Time elapsed: 2 minute(s), 42 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 12
HKCR\CLSID\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCR\BrowserConnection.Loader.1 (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCR\BrowserConnection.Loader (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{F34C9277-6577-4DFF-B2D7-7D58092F272F} (PUP.Optional.Datamngr.A) -> Data: Search-Results Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f34c9277-6577-4dff-b2d7-7d58092f272f} (PUP.Optional.Datamngr.A) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.

(end)


Second:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.28.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
mmharding :: PNALT34 [administrator]

1/28/2014 3:17:18 PM
mbam-log-2014-01-28 (15-17-18).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 425477
Time elapsed: 1 hour(s), 21 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{9FF9AE6F-4553-41a7-B645-B0E88850EABF} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCR\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbarguid (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\MMHARD~1\LOCALS~1\Temp\msfsirzko.exe -> Delete on reboot.

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Datamngr.A) -> Bad: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) Good: () -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Datamngr.A) -> Bad: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) Good: () -> Quarantined and repaired successfully.

Folders Detected: 37
C:\Program Files (x86)\Search Results Toolbar\Datamngr (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1 (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\modules (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\search (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\weather (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\lib (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\debugbar (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\scripts (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\components (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64 (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Users\mmharding\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\mmharding\AppData\Roaming\OpenCandy\8AFAA7AF1F43425EBE5F4EFF008E9DDB (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

Files Detected: 409
C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngr.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\DnsBHO.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\installhelper.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\as_guid.dat (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\install.ico (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\manifest.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultstb.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\uninstall.exe (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\custom.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\neterror.xhtml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\preferences.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\template.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\toolbar.htm (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\toolbar.xul (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\vmncode.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\vmnrsswin.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\about.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\custom.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpanel.xul (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpaneltransparent.xul (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpanelwin.xul (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxprefwin.xul (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxtransparentwin.xul (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxwin.xul (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\emailnotifierproviders.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\external.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\neterror.xhtml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsspreview.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsswin.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsswin.xsl (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\wmpstreamer.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\modules\datastore.jsm (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\modules\nsDragAndDrop.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_icon.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconFF.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressed.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressedFF.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_pref_icon.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsw (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsww (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs\tb_thumb_icon.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-buffering.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-connecting.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-ico.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-playing.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-stopped.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta.ico (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\tb_icon.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\widget.jsw (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\widget.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\search\engines.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\search\search.xsl (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\weather\icons.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\locale.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\lib\en.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\de.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\en.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\es.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\fr.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\it.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\blip.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\bluelite.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\bluesky.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-search-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-search.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-settings-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-settings.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-widgets-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-widgets.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn_settings.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\custom.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\dailymotion.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\divider.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\ebay.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\facebook.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\find-videos.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\grey.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\icon_games.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\images.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lichen.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-about.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-separator.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\menuseparatorback.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\metacafe.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modify-save.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modify.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modifyhot.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\namespacetoolbar.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options-search.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\orange.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\search-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\search_icon.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings_stb_19x.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings_stb_19x_over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\setting_stb_16x.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-bluelite.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-bluesky.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-grey.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-lichen.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-orange.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-yellow.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\sv.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\throbber.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\toolbarsplitter.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\TRUSTe_about.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\tv.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\twitter.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\veoh.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\video.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\vimeo.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\vmn.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\web.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\websearch.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\yellow.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\youtube.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\add.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\alexabutton.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\aol.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-dn.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-right-disabled.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-right.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-up.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-divider.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-end.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-mdl.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-mdl_ff.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-start.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-divider.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-end.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-mdl.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-mdl_ff.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-start.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\blank.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn-widgets-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn-widgets.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnback-down-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnback-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnleft-down-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnleft-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnright-down-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnright-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn_slider.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter-down-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\checkmark.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\chevron.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\collapse.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\dtx-test.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\dtx.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\edit-back-hot.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\edit-back.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\expand.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\found.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\gmail.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_blue.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_cyan.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_lime.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_magenta.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_yellow.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\hotmail.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\imap.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\lastsearch-thumb-back.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\launchers.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\loadingMid.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\lock.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\logo-separator.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\mailcom.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitem-splitter.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemback-down-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemback-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft-down-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemright-down-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemright-vista.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_bg-basic.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_separator_bar.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_separator_white.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\minus.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\modify.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\move.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\movetarget.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\plus.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\pop.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\radio.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\reload.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\remove.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rename.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\resize-box.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rss.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rsschannelback.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\RSSLogo.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rsstabdivider.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\scroll-left.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\scroll-right.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\search-go.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\search.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\separator.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\text-ellipsis.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\throbber.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\toolbarsplitter.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\transparent_1px.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\yahoo.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\debugbar\debug.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\footer.htm (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gamecategory.xsl (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gameData.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gameList.xsl (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gametype.xsl (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\initHTML.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupGames.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupHTML.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupWidgets.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\scroll.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\panels.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupAbout.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupGames.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupWidgets.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\main.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\main.html.bak (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\css\dialog.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\bg.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-search.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-wide-close-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-wide-close.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\default.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-off-l.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-off-r.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-on-l.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-on-r.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\transparent.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-left.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-mdl.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-right.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-left.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-mdl.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-right-resize.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-right.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-left.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-right.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\scripts\defscript.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\scripts\defscript.js.bak (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-dn.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-sml-drop.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-sml.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-up.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrowr-bluew5.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-aboutbox.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-btnover.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-pnl520x390.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-left.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-right.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-back.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-close-grey.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-close-greyover.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-drag.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-mdl-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-mdl.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-moredetails.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-next-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-next.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-play-left-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-play-left.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-previous-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-previous.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-right-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-search-pnlbtm.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-try-left-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-try-left.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bullet-orange.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\gamethumb-on.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\gamethumb2-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-calendar.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-dollar.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-download.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-joystick24.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-news24.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-play.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-tags.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-Add.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-download.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-Info.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-play.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-shop.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\menul-bgon.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\menul-bgover.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\panel-botm-noscroll.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-bg-206.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-bg.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-topwin.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-disable.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-down.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-disable.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-down.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\searchbox-pnlbtm.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\star_x_grey.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\star_x_orange.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\throbber.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\TRUSTe_about.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-detailed-on.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-detailed-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-thumb-on.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-thumb-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets-square-16px.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets-square-24px.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_02.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_03.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_04.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_06.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_07.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_08.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_09.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_10.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_11.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_12.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_13.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_14.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_15.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_16.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_18.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_19.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_20.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_21.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\btn-close-grey.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\btn-close-greyover.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\close-hot.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\close-normal.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\loadingMid.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\paneltemplate.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\proxy.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.html.bak (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\templateFF.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\throbber.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\cond999.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\icons.xml (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na-s.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na-t.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\weather.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\popupWeather.css (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\popupWeather.html (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\add.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\box-check.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-check.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\options-weather.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\over-blue.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\over-orange.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-main.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-search.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-weather.gif (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-weather.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-widgets.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-left.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-middle.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-right.png (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\components\windowmediator.js (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\datamngr.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\datamngrUI.exe (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\DnsBHO.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Users\mmharding\AppData\Roaming\OpenCandy\8AFAA7AF1F43425EBE5F4EFF008E9DDB\4824.ico (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\mmharding\AppData\Roaming\OpenCandy\8AFAA7AF1F43425EBE5F4EFF008E9DDB\AVG Safeguard.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\mmharding\AppData\Roaming\OpenCandy\8AFAA7AF1F43425EBE5F4EFF008E9DDB\AVG_Toolbar_CB_ALL_p3v0.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\mmharding\AppData\Roaming\OpenCandy\8AFAA7AF1F43425EBE5F4EFF008E9DDB\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\mmharding\AppData\Roaming\OpenCandy\8AFAA7AF1F43425EBE5F4EFF008E9DDB\OCBrowserHelper_1.0.4.106.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

(end)


Last:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.28.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
mmharding :: PNALT34 [administrator]

1/29/2014 11:28:37 AM
mbam-log-2014-01-29 (11-28-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239371
Time elapsed: 8 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\MMHARD~1\LOCALS~1\Temp\msfsirzko.exe -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#6
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
chckup.txt

Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.1
Java 7 Update 21
Java version out of Date!
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.76
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 9%
````````````````````End of Log``````````````````````
  • 0

#7
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I'm re-doing adwcleaner. I will repost.
  • 0

#8
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
The AdwCleaner says Pending: Please uncheck elements you don't want to remove. I don't see anything to check. Clicking thru the tabs and tools, I see the quarantine manager whitch has a lot of things with check boxes. Is that what it means?
  • 0

#9
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
# AdwCleaner v3.018 - Report created 29/01/2014 at 13:19:01
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : mmharding - PNALT34
# Running from : C:\Users\mmharding\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750


-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\mmharding\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10935 octets] - [29/01/2014 08:53:41]
AdwCleaner[R1].txt - [896 octets] - [29/01/2014 12:45:45]
AdwCleaner[R2].txt - [754 octets] - [29/01/2014 13:19:01]
AdwCleaner[S0].txt - [11043 octets] - [29/01/2014 08:54:36]
AdwCleaner[S1].txt - [956 octets] - [29/01/2014 12:48:38]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [933 octets] ##########
  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hi MMHarding,

All the scans are looking ok. Let me review the logs and prepare a fix for you. This will take a while. Don't run anymore scanners or try to fix anything yourself.

Thanks
Joe :)
  • 0

Advertisements


#11
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Sounds good. Snowy days in Atlanta so a good day to have computer issues!
  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
I saw Atalanta on the weather channel, didn't look good...... :)

You're fix is being reviewed,

Joe :)

Edited by zep516, 29 January 2014 - 07:33 PM.

  • 0

#13
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Yeah, I'm glad I'm at home in my hilly little neighborhood. Just a midweek weekend!
  • 0

#14
MMHarding

MMHarding

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I use - and care about programs like - Roni Amazing SlowDowner, Google Chrome (I just changed back to IE10 as I was having issues with IE11 not working with many sites I commonly visit like children's schools), iTunes, SmartMusic, Adobe Acrobat Standard 9.0 (just reinstalled and it is the newest version I have paid for), and standard Microsoft programs.
  • 0

#15
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hello MMHarding, :)
You had a lot of adware on your machine, Malwarebytes took care of a lot or most of it for you.

First:

We need to do a fix using OTL, this will remove left over entries, that maybe causing errors.

  • Double click on the Posted Image to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :COMMANDS
    [createrestorepoint]
    
    :OTL
    DRV:64bit: - [2013/11/22 17:41:07 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll File not found
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    F3:64bit: - HKCU WinNT: Load - (C:\Users\MMHARD~1\LOCALS~1\Temp\msfsirzko.exe) - File not found
    F3 - HKCU WinNT: Load - (C:\Users\MMHARD~1\LOCALS~1\Temp\msfsirzko.exe) - File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - File not found
    O30 - LSA: Authentication Packages - (wvauth) - File not found
    O33 - MountPoints2\{8fdcd96f-ed44-11e1-846b-d067e54e8d98}\Shell - "" = AutoRun
    O33 - MountPoints2\{8fdcd96f-ed44-11e1-846b-d067e54e8d98}\Shell\AutoRun\command - "" = E:\Design_Data.exe
    [2012/12/27 12:23:00 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$4669c46d9304397464b7b5be2e1e93a4\L
    [2012/12/27 12:23:00 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$4669c46d9304397464b7b5be2e1e93a4\U
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [resethosts]
    [emptytemp]
    
    
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.

Next

Checking for additional browser Hijacks.

Please download Junkware Removal Tool to your desktop.

  • Disable your protection software now to avoid potential conflicts. See Here.To do that.
  • Run the tool by double-clicking on XP. Or right click and select Run as Administrator Vista/Win7 and above.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please post the following logs in your next reply:

  • OTL Fix log located here--> C:\_OTL\Moved Files
  • OTL.txt after quick scan
  • JRT.txt

Tell me how the computer is running.

Thanks
Joe :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP