Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

TopArcadeHits Virus help needed!


  • Please log in to reply

#1
jtasch

jtasch

    New Member

  • Member
  • Pip
  • 4 posts
Hi, I am getting pop-ups from TopArcadeHits and have had no luck with removing it. I have tried Malwarebytes and Advanced SystemCare to try to remove it. Any help is much appreciated. I ran OTL and here are the logs -- OTL.txt (it also create Extras.txt - please let me know if that is needed as well)

OTL logfile created on: 8/30/2013 7:50:43 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jeff\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 30.96% Memory free
7.50 Gb Paging File | 4.45 Gb Available in Paging File | 59.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.64 Gb Total Space | 460.71 Gb Free Space | 78.94% Space Free | Partition Type: NTFS
Drive D: | 12.43 Gb Total Space | 1.52 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: JEFF-HP | User Name: Jeff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/30 07:50:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jeff\Downloads\OTL.exe
PRC - [2013/08/30 07:43:20 | 000,201,728 | ---- | M] (OldTimer Tools) -- C:\Users\Jeff\Downloads\OTC.exe
PRC - [2013/08/20 16:22:10 | 004,057,920 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
PRC - [2013/08/17 11:38:59 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2013/08/17 11:38:58 | 001,737,728 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2013/08/17 11:19:36 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/10 17:44:44 | 000,732,992 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
PRC - [2013/08/08 19:33:48 | 001,303,360 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/07/27 12:17:18 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/06/13 13:03:00 | 000,943,016 | ---- | M] (Lavasoft) -- C:\ProgramData\Search Protection\SearchProtection.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/04/18 20:38:38 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/03/22 06:07:16 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/12/10 18:13:56 | 001,229,824 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Comcast\pcBrowser.exe
PRC - [2012/12/10 18:12:38 | 000,369,152 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
PRC - [2012/12/10 18:12:02 | 000,225,280 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
PRC - [2012/09/10 16:43:59 | 001,085,312 | ---- | M] (MYTRAK Health Systems Inc.) -- C:\Program Files (x86)\MYTRAKHealth\MytrakM2\Mytrak Manager.exe
PRC - [2012/09/10 04:17:48 | 000,436,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/03/23 16:09:38 | 014,749,544 | ---- | M] (GARMIN Corp.) -- C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/06/17 20:59:40 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2010/01/18 14:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/17 11:19:35 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/15 17:31:14 | 000,268,968 | ---- | M] () -- C:\Windows\SysWOW64\sqlite3.dll
MOD - [2013/08/14 07:31:54 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\91c0925fd175c895d367e2d54b395ddd\Microsoft.VisualBasic.ni.dll
MOD - [2013/08/14 07:24:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013/08/14 07:23:32 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/14 07:23:26 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 07:23:06 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 07:23:03 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/14 07:22:54 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/27 12:17:18 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/07/12 03:38:50 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/06/17 16:30:08 | 001,233,728 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Scan.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll
MOD - [2013/01/15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
MOD - [2012/09/10 04:17:56 | 000,025,592 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
MOD - [2012/09/10 04:17:52 | 000,254,968 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2012/09/10 04:17:50 | 000,073,720 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 02:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/06/17 21:11:58 | 001,699,384 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\PictureMover\EN-US\Presentation.dll
MOD - [2010/06/17 21:00:10 | 012,286,520 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2010/01/18 14:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2009/07/13 21:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/12/10 18:12:38 | 000,460,288 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService64)
SRV:64bit: - [2011/10/13 15:44:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/06/30 03:42:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/08/18 20:35:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/17 11:38:58 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2013/08/17 11:19:35 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/15 17:38:16 | 002,298,704 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2013/08/08 19:33:48 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/12/10 18:12:38 | 000,369,152 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/21 13:32:47 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/08/19 17:37:13 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/19 17:37:12 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/19 17:37:12 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/10 18:12:10 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2012/12/10 18:12:10 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2012/12/01 21:01:07 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/01 21:01:07 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/06/30 05:33:14 | 009,371,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/30 03:00:52 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/05/17 17:44:46 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011/02/15 21:00:36 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/06/06 23:12:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/03/10 11:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/04 10:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/06 00:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/06 00:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/12/22 05:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/12/10 18:12:02 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2012/12/10 18:12:02 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2011/02/15 21:00:38 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011/01/17 16:33:40 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {DD357DCE-0CA1-465E-A221-A6A713C6A0EB}
IE:64bit: - HKLM\..\SearchScopes\{03810A30-8A69-4246-BBBF-FA31110814D0}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {BBA4B3E2-222F-4A0F-8975-34D4D9AE5F23}
IE - HKLM\..\SearchScopes\{03810A30-8A69-4246-BBBF-FA31110814D0}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch...ADC895214F9F3A8
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {B25438C7-83DC-4FD1-8A43-1B47DB0CC69D}
IE - HKCU\..\SearchScopes\{03810A30-8A69-4246-BBBF-FA31110814D0}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://securedsearch...q={searchTerms}
IE - HKCU\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{B25438C7-83DC-4FD1-8A43-1B47DB0CC69D}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{BBA4B3E2-222F-4A0F-8975-34D4D9AE5F23}: "URL" = http://search.condui...7725617511&UM=2
IE - HKCU\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..CT3298573.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V37 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0
FF - prefs.js..extensions.enabledAddons: speedtest%40gotomyhelp.com:1.2.5
FF - prefs.js..extensions.enabledAddons: %7B87934c42-161d-45bc-8cef-ef18abe2a30c%7D:3.4
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.yahoo....type=198484&p="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/08/19 05:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 15:12:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/16 15:12:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 15:12:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/16 15:12:44 | 000,000,000 | ---D | M]

[2011/07/16 20:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions
[2011/07/16 20:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/08/23 14:23:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions
[2013/08/16 11:49:47 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2013/03/03 18:19:59 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013/08/20 12:00:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/08/21 13:33:44 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2013/08/23 14:22:10 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2013/08/23 14:23:27 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2013/08/18 20:39:31 | 001,312,907 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2013/08/16 15:17:46 | 000,040,102 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2012/06/17 20:50:24 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2013/07/31 17:27:12 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/16 11:48:27 | 000,000,997 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\searchplugins\conduit.xml
[2013/08/23 14:22:03 | 000,000,904 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\searchplugins\yahoo.xml
[2013/08/17 11:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/16 15:12:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 11:19:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/16 15:12:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/08/16 15:12:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec\1.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.16_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfchmfgdaabgdjbcaophikcobddojjoe\10.16.100.4_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Comcast_McciTrayApp] C:\Program Files\Comcast\pcTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - HKCU..\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [Mytrak Manager.exe] C:\Program Files (x86)\MYTRAKHealth\MytrakM2\Mytrak Manager.exe (MYTRAK Health Systems Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75F26F4E-BF2F-4DA2-9E6B-2D467FA45299}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/23 14:23:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secure Speed Dial
[2013/08/23 14:22:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2013/08/23 14:22:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2013/08/23 14:22:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2013/08/21 13:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/08/21 13:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2013/08/21 13:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013/08/21 13:33:58 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Local\adawarebp
[2013/08/21 13:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013/08/18 21:16:49 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Local\Programs
[2013/08/18 20:46:29 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\LavasoftStatistics
[2013/08/18 20:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/08/18 20:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/08/18 20:42:14 | 000,047,496 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2013/08/18 20:42:14 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013/08/18 20:42:14 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Ad-Aware Antivirus
[2013/08/17 12:02:37 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Comcast
[2013/08/17 11:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comcast
[2013/08/17 11:52:43 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Motive
[2013/08/17 11:51:27 | 000,000,000 | ---D | C] -- C:\Program Files\Comcast
[2013/08/17 11:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comcast
[2013/08/17 11:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Motive
[2013/08/17 11:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2013/08/17 11:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2013/08/16 15:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/16 11:49:00 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Local\Conduit
[2013/08/16 11:48:51 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Local\CRE
[2013/08/16 11:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/08/16 11:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/08/16 11:48:27 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\SearchProtect
[2013/08/14 06:48:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT

========== Files - Modified Within 30 Days ==========

[2013/08/30 07:23:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/30 07:11:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2524325385-2811533165-4068426589-1001UA.job
[2013/08/30 07:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/30 02:11:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2524325385-2811533165-4068426589-1001Core.job
[2013/08/29 17:33:43 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2013/08/29 17:33:43 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2013/08/29 16:23:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/27 11:31:00 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/27 11:31:00 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/23 14:22:04 | 000,001,238 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2013/08/23 14:22:03 | 000,001,187 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
[2013/08/21 14:14:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/21 14:14:51 | 3019,333,632 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/21 13:59:30 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/21 13:32:47 | 000,047,496 | ---- | M] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2013/08/21 13:32:47 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013/08/21 10:33:20 | 000,731,422 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/21 10:33:20 | 000,627,556 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/21 10:33:20 | 000,107,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/19 17:37:13 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/19 17:37:13 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/19 17:37:12 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/08/19 17:37:12 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/08/19 17:37:12 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/19 17:37:12 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/19 05:37:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/08/18 21:17:11 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/17 11:52:44 | 000,002,159 | ---- | M] () -- C:\Users\Jeff\Desktop\EasySolve.lnk
[2013/08/17 11:39:14 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2013/08/17 11:39:12 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2013/08/17 11:19:46 | 000,002,050 | ---- | M] () -- C:\Users\Jeff\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/08/15 17:31:14 | 000,268,968 | ---- | M] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/08/14 18:30:03 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJeff.job
[2013/08/06 20:50:01 | 000,001,213 | ---- | M] () -- C:\Users\Jeff\Documents\JEFFS BONDS.SBW.bak
[2013/08/06 20:50:01 | 000,001,213 | ---- | M] () -- C:\Users\Jeff\Documents\Jeffs Bonds.sbw

========== Files Created - No Company Name ==========

[2013/08/23 14:23:25 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/08/21 13:59:30 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/19 05:37:08 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/19 05:37:08 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/08/17 11:52:44 | 000,002,159 | ---- | C] () -- C:\Users\Jeff\Desktop\EasySolve.lnk
[2013/08/17 11:39:35 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2013/08/17 11:39:35 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2013/08/04 08:59:00 | 000,001,213 | ---- | C] () -- C:\Users\Jeff\Documents\JEFFS BONDS.SBW.bak
[2013/08/04 08:59:00 | 000,001,213 | ---- | C] () -- C:\Users\Jeff\Documents\Jeffs Bonds.sbw
[2012/02/22 21:54:48 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/02/10 20:46:20 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/10/13 15:53:18 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/13 15:53:02 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/08 20:14:05 | 000,000,254 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/10/08 20:14:05 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/10/08 20:13:31 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/10/08 16:56:32 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2011/01/17 16:20:05 | 000,007,606 | ---- | C] () -- C:\Users\Jeff\AppData\Local\Resmon.ResmonCfg
[2011/01/13 22:21:34 | 000,038,450 | ---- | C] () -- C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).ADR
[2011/01/13 22:20:46 | 000,009,337 | ---- | C] () -- C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).EML

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/18 20:42:14 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\Ad-Aware Antivirus
[2013/08/17 12:02:37 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\Comcast
[2012/10/14 18:03:41 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\Garmin
[2012/11/09 18:30:34 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\IObit
[2011/03/25 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\OpenOffice.org
[2011/01/13 21:12:50 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\PictureMover
[2012/02/18 08:20:20 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\ScanSoft
[2013/08/19 05:28:02 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\SearchProtect
[2011/07/16 20:54:16 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\TomTom
[2011/01/13 21:40:39 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\TP
[2011/03/17 20:50:23 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\TweakNow PowerPack 2011
[2011/01/14 17:17:41 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\WinBatch
[2012/02/18 08:20:27 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\Zeon

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).EML:OECustomProperty

< End of report >


Thanks for your time!

Jeff
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Uninstall Advanced SystemCare so it doesn't interfere.

Then:

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and right click on the AdwCleaner icon and Run As Admin.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.
  • 0

#3
jtasch

jtasch

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
AdwCleaner Report (Clean):

# AdwCleaner v3.001 - Report created 30/08/2013 at 14:24:56
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jeff - JEFF-HP
# Running from : C:\Users\Jeff\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Application Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\search protection
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Users\Jeff\AppData\Local\Conduit
Folder Deleted : C:\Users\Jeff\AppData\Local\cre
Folder Deleted : C:\Users\Jeff\AppData\Local\PackageAware
Folder Deleted : C:\Users\Jeff\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Jeff\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jeff\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Jeff\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Jeff\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\adawaretb
Folder Deleted : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\jetpack
Folder Deleted : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfchmfgdaabgdjbcaophikcobddojjoe
[!] Folder Deleted : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfchmfgdaabgdjbcaophikcobddojjoe
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\mfchmfgdaabgdjbcaophikcobddojjoe
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mfchmfgdaabgdjbcaophikcobddojjoe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\prefs.js ]

Line Deleted : user_pref("CT3298573.FF19Solved", "true");
Line Deleted : user_pref("CT3298573.UserID", "UN19672742761248924");
Line Deleted : user_pref("CT3298573.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3298573.fullUserID", "UN19672742761248924.IN.20130816114823");
Line Deleted : user_pref("CT3298573.installDate", "16/08/2013 11:48:22");
Line Deleted : user_pref("CT3298573.installSessionId", "{BA59BD25-08AF-46FB-8B58-401836EBE60C}");
Line Deleted : user_pref("CT3298573.installSp", "TRUE");
Line Deleted : user_pref("CT3298573.installerVersion", "1.5.4.5");
Line Deleted : user_pref("CT3298573.keyword", "true");
Line Deleted : user_pref("CT3298573.originalHomepage", "hxxp://www.yahoo.com/");
Line Deleted : user_pref("CT3298573.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3298573.originalSearchEngine", "");
Line Deleted : user_pref("CT3298573.originalSearchEngineName", "");
Line Deleted : user_pref("CT3298573.searchRevert", "false");
Line Deleted : user_pref("CT3298573.searchUserMode", "2");
Line Deleted : user_pref("CT3298573.smartbar.homepage", "true");
Line Deleted : user_pref("CT3298573.versionFromInstaller", "10.16.9.6");
Line Deleted : user_pref("CT3298573.xpeMode", "0");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3298573&octid=CT3298573&SearchSource=61&CUI=UN19672742761248924&UM=2&UP=SP670C8AE8-99DF-46E9-970D-98ED56576D96");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V37 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&CUI=UN19672742761248924&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3298573");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN19672742761248924&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3298573&octid=CT3298573&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&SearchSource=2&CUI=UN19672742761248924&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3298573");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3298573");
Line Deleted : user_pref("smartbar.machineId", "QV4IIFR2VVRK6Q96VKRUY9SEEXQPVBB1MALPNFLJTSCHPPNDIKCYGJKEFUFA2VFIUS5INNN6OSMMFKUI0OB3OG");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN19672742761248924&UM=2&SearchSource=13");

-\\ Google Chrome v

[ File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url

*************************

AdwCleaner[R0].txt - [9231 octets] - [30/08/2013 14:20:15]
AdwCleaner[S0].txt - [8470 octets] - [30/08/2013 14:24:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8530 octets] ##########



JRT Log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jeff on Fri 08/30/2013 at 14:38:28.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2524325385-2811533165-4068426589-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\deal[1]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\deal[1]_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\deal[1]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\deal[1]_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{03810A30-8A69-4246-BBBF-FA31110814D0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BBA4B3E2-222F-4A0F-8975-34D4D9AE5F23}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{03810A30-8A69-4246-BBBF-FA31110814D0}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Jeff\appdata\local\adawarebp"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Jeff\AppData\Roaming\mozilla\firefox\profiles\0y3yoj76.default\extensions\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
Emptied folder: C:\Users\Jeff\AppData\Roaming\mozilla\firefox\profiles\0y3yoj76.default\minidumps [85 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/30/2013 at 14:45:45.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







OTL Log:
OTL logfile created on: 8/30/2013 2:50:35 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jeff\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.59 Gb Available Physical Memory | 42.38% Memory free
7.50 Gb Paging File | 5.50 Gb Available in Paging File | 73.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.64 Gb Total Space | 460.75 Gb Free Space | 78.94% Space Free | Partition Type: NTFS
Drive D: | 12.43 Gb Total Space | 1.52 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: JEFF-HP | User Name: Jeff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/30 07:50:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jeff\Downloads\OTL.exe
PRC - [2013/08/17 11:38:59 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2013/08/17 11:38:58 | 001,737,728 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2013/08/17 11:19:36 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/07/27 12:17:18 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/03/22 06:07:16 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/12/10 18:12:38 | 000,369,152 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
PRC - [2012/09/10 16:43:59 | 001,085,312 | ---- | M] (MYTRAK Health Systems Inc.) -- C:\Program Files (x86)\MYTRAKHealth\MytrakM2\Mytrak Manager.exe
PRC - [2012/09/10 04:17:48 | 000,436,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/03/23 16:09:38 | 014,749,544 | ---- | M] (GARMIN Corp.) -- C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/11/20 08:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/06/17 20:59:40 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2010/01/18 14:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/17 11:19:35 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/15 17:31:14 | 000,268,968 | ---- | M] () -- C:\Windows\SysWOW64\sqlite3.dll
MOD - [2013/08/14 07:31:54 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\91c0925fd175c895d367e2d54b395ddd\Microsoft.VisualBasic.ni.dll
MOD - [2013/08/14 07:31:42 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/14 07:24:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013/08/14 07:24:01 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/14 07:23:45 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\930e99b2f62cea8c4aa070527d15f748\PresentationFramework.ni.dll
MOD - [2013/08/14 07:23:32 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/14 07:23:26 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 07:23:24 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\585b8f6cc7ba86886462d0dc9753c98f\PresentationCore.ni.dll
MOD - [2013/08/14 07:23:13 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/14 07:23:06 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 07:23:03 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/14 07:22:54 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/27 12:17:18 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/07/12 03:39:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/12 03:38:50 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/09/10 04:17:56 | 000,025,592 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
MOD - [2012/09/10 04:17:52 | 000,254,968 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2012/09/10 04:17:50 | 000,073,720 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2012/02/04 15:31:24 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 02:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/11/04 21:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/09/28 15:00:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/09/28 15:00:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/09/28 15:00:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2010/06/17 21:11:58 | 001,699,384 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\PictureMover\EN-US\Presentation.dll
MOD - [2010/06/17 21:00:10 | 012,286,520 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2010/01/18 14:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2009/07/13 21:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/12/10 18:12:38 | 000,460,288 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService64)
SRV:64bit: - [2011/10/13 15:44:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/06/30 03:42:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/08/18 20:35:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/17 11:38:58 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2013/08/17 11:19:35 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/15 17:38:16 | 002,298,704 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/12/10 18:12:38 | 000,369,152 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/21 13:32:47 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/08/19 17:37:13 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/19 17:37:12 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/19 17:37:12 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/10 18:12:10 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2012/12/10 18:12:10 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2012/12/01 21:01:07 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/01 21:01:07 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/06/30 05:33:14 | 009,371,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/30 03:00:52 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/05/17 17:44:46 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011/02/15 21:00:36 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/06/06 23:12:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/03/10 11:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/04 10:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/06 00:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/06 00:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/12/22 05:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/12/10 18:12:02 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2012/12/10 18:12:02 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2011/02/15 21:00:38 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011/01/17 16:33:40 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {DD357DCE-0CA1-465E-A221-A6A713C6A0EB}
IE:64bit: - HKLM\..\SearchScopes\{03810A30-8A69-4246-BBBF-FA31110814D0}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {B25438C7-83DC-4FD1-8A43-1B47DB0CC69D}
IE - HKCU\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{B25438C7-83DC-4FD1-8A43-1B47DB0CC69D}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0
FF - prefs.js..extensions.enabledAddons: speedtest%40gotomyhelp.com:1.2.5
FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.yahoo....type=198484&p="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/08/19 05:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 15:12:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/16 15:12:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 15:12:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/16 15:12:44 | 000,000,000 | ---D | M]

[2011/07/16 20:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions
[2011/07/16 20:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/08/30 14:46:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions
[2013/08/16 11:49:47 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2013/03/03 18:19:59 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013/08/20 12:00:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/08/23 14:23:27 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2013/08/18 20:39:31 | 001,312,907 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2013/08/16 15:17:46 | 000,040,102 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2012/06/17 20:50:24 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2013/07/31 17:27:12 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/23 14:22:03 | 000,000,904 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\searchplugins\yahoo.xml
[2013/08/17 11:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/16 15:12:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 11:19:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/16 15:12:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/08/16 15:12:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec\1.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.16_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Comcast_McciTrayApp] C:\Program Files\Comcast\pcTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [Mytrak Manager.exe] C:\Program Files (x86)\MYTRAKHealth\MytrakM2\Mytrak Manager.exe (MYTRAK Health Systems Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75F26F4E-BF2F-4DA2-9E6B-2D467FA45299}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/30 14:38:25 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/30 14:16:36 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/23 14:23:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secure Speed Dial
[2013/08/21 13:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/08/21 13:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013/08/18 21:16:49 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Local\Programs
[2013/08/18 20:46:29 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\LavasoftStatistics
[2013/08/18 20:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/08/18 20:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/08/18 20:42:14 | 000,047,496 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2013/08/18 20:42:14 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013/08/18 20:42:14 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Ad-Aware Antivirus
[2013/08/17 12:02:37 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Comcast
[2013/08/17 11:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comcast
[2013/08/17 11:52:43 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Motive
[2013/08/17 11:51:27 | 000,000,000 | ---D | C] -- C:\Program Files\Comcast
[2013/08/17 11:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comcast
[2013/08/17 11:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Motive
[2013/08/17 11:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2013/08/17 11:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2013/08/16 15:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/14 06:55:43 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/14 06:55:43 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/14 06:55:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/14 06:55:41 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/14 06:55:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/14 06:55:41 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/14 06:55:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/14 06:55:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/14 06:55:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/14 06:55:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/14 06:55:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/14 06:55:38 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/14 06:55:38 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/14 06:55:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/14 06:55:37 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/14 06:48:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/13 17:11:52 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/13 17:11:49 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/13 17:11:48 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/13 17:11:48 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/13 17:11:20 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/13 17:11:19 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/13 17:10:09 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/13 17:10:07 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/13 17:10:07 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/13 17:10:07 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/13 17:10:06 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/13 17:10:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/13 17:10:00 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/13 17:09:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/13 17:09:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/13 17:09:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

========== Files - Modified Within 30 Days ==========

[2013/08/30 14:48:24 | 000,001,091 | ---- | M] () -- C:\Users\Jeff\Desktop\OTL - Shortcut.lnk
[2013/08/30 14:37:14 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/30 14:37:14 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/30 14:27:50 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2013/08/30 14:27:25 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/30 14:26:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/30 14:26:25 | 3019,333,632 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/30 14:23:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/30 14:11:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2524325385-2811533165-4068426589-1001UA.job
[2013/08/30 14:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/30 02:11:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2524325385-2811533165-4068426589-1001Core.job
[2013/08/29 17:33:43 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2013/08/29 17:33:43 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2013/08/21 13:59:30 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/21 13:32:47 | 000,047,496 | ---- | M] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2013/08/21 13:32:47 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013/08/21 10:33:20 | 000,731,422 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/21 10:33:20 | 000,627,556 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/21 10:33:20 | 000,107,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/19 17:37:13 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/19 17:37:13 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/19 17:37:12 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/08/19 17:37:12 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/08/19 17:37:12 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/19 17:37:12 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/19 05:37:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/08/18 21:17:11 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/18 20:35:51 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/08/18 20:35:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/08/17 11:52:44 | 000,002,159 | ---- | M] () -- C:\Users\Jeff\Desktop\EasySolve.lnk
[2013/08/17 11:39:14 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2013/08/17 11:39:12 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2013/08/17 11:19:46 | 000,002,050 | ---- | M] () -- C:\Users\Jeff\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/08/15 17:31:14 | 000,268,968 | ---- | M] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/08/14 18:30:03 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJeff.job
[2013/08/06 20:50:01 | 000,001,213 | ---- | M] () -- C:\Users\Jeff\Documents\JEFFS BONDS.SBW.bak
[2013/08/06 20:50:01 | 000,001,213 | ---- | M] () -- C:\Users\Jeff\Documents\Jeffs Bonds.sbw

========== Files Created - No Company Name ==========

[2013/08/30 14:48:24 | 000,001,091 | ---- | C] () -- C:\Users\Jeff\Desktop\OTL - Shortcut.lnk
[2013/08/30 14:27:48 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2013/08/23 14:23:25 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/08/21 13:59:30 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/19 05:37:08 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/19 05:37:08 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/08/17 11:52:44 | 000,002,159 | ---- | C] () -- C:\Users\Jeff\Desktop\EasySolve.lnk
[2013/08/17 11:39:35 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2013/08/17 11:39:35 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2013/08/04 08:59:00 | 000,001,213 | ---- | C] () -- C:\Users\Jeff\Documents\JEFFS BONDS.SBW.bak
[2013/08/04 08:59:00 | 000,001,213 | ---- | C] () -- C:\Users\Jeff\Documents\Jeffs Bonds.sbw
[2012/02/22 21:54:48 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/02/10 20:46:20 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/10/13 15:53:18 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/13 15:53:02 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/08 20:14:05 | 000,000,254 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/10/08 20:14:05 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/10/08 20:13:31 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/10/08 16:56:32 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2011/01/17 16:20:05 | 000,007,606 | ---- | C] () -- C:\Users\Jeff\AppData\Local\Resmon.ResmonCfg
[2011/01/13 22:21:34 | 000,038,450 | ---- | C] () -- C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).ADR
[2011/01/13 22:20:46 | 000,009,337 | ---- | C] () -- C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).EML

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).EML:OECustomProperty

< End of report >



OTL Extras:
OTL Extras logfile created on: 8/30/2013 2:50:35 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jeff\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.59 Gb Available Physical Memory | 42.38% Memory free
7.50 Gb Paging File | 5.50 Gb Available in Paging File | 73.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.64 Gb Total Space | 460.75 Gb Free Space | 78.94% Space Free | Partition Type: NTFS
Drive D: | 12.43 Gb Total Space | 1.52 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: JEFF-HP | User Name: Jeff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BD353F-9DBE-4534-97B4-E8429EAE28BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{07B54A4A-48A8-48E7-A080-AB0B2A87A4B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{110573BD-A20A-4FC2-B100-F58F4AC761CD}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{305E08C8-1ACB-4246-AB9D-B204925BDA0A}" = lport=445 | protocol=6 | dir=in | app=system |
"{30F274AC-92C7-4093-BC5D-2976439468CF}" = rport=139 | protocol=6 | dir=out | app=system |
"{3D617DE5-1BEB-4711-ABFB-731F94593C48}" = rport=445 | protocol=6 | dir=out | app=system |
"{434B01E9-2438-42FD-8889-F0A3259083C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{536625B5-0AFC-4958-8C44-D4BE9871B71B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6D22FB3D-DF62-4A98-A02C-B86B3FAD7012}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{6E48AC0D-EF0E-4B41-8AC3-90523E4B01A7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6EFA745F-9D2A-4FA9-9049-E268DD1AC21A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{798B6D01-3B86-41CC-A53D-5F5B425EDBD0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{86683D31-9C1A-425B-964E-9B3D79C95D36}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{90836696-0814-4D00-8D54-70A38A22509A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99E7F6A0-BACB-4C6D-A6B5-DCC1F796D55C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C36BEEE-3F06-4211-A34E-B0E4E3020291}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{9D883ED9-90C2-4067-95C0-E228FA1C467C}" = rport=137 | protocol=17 | dir=out | app=system |
"{9F637D8D-2602-403A-9E1F-6214B7CC68B9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE7D87E0-6F65-4570-9A8B-A331209663B4}" = lport=137 | protocol=17 | dir=in | app=system |
"{B3629994-98F5-46FE-8100-7EB3D2A4B2D8}" = rport=138 | protocol=17 | dir=out | app=system |
"{B7C1F81A-FD41-47E0-B0FD-55A47BAFE6ED}" = lport=139 | protocol=6 | dir=in | app=system |
"{B84C84C5-F5B0-4080-91E1-24291E5E1A6A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BABA1E0D-0E7F-462A-8829-DE5F054D770B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BADA4008-1795-47A4-9D66-6E8DDF6F9687}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BC8475B6-8AFC-4590-B70C-D05C77544E0C}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdateservice.exe |
"{D8AC2BD1-7C95-465D-832A-B92B459024A8}" = lport=138 | protocol=17 | dir=in | app=system |
"{D9819F88-6944-4AC5-AC8B-EE3D26440307}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E69EE65A-514F-4C72-9BA4-11D750E960AE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F4F87F46-F66E-4AB5-98BE-D34152D8E573}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdater.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CA48488-F86F-4389-8BA7-0B7375AE3D0A}" = protocol=6 | dir=in | app=c:\program files (x86)\lavasoft\adaware securesearch toolbar\dtuser.exe |
"{0F16C2D2-0BE9-4672-A9B4-7D8B56C95A42}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{1D7DF724-1695-4F26-AF2D-E3C35EC4588A}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{1EF3E4B2-6DAE-452C-91BB-7AFEDFC3FA10}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{23F5999E-A61C-4E12-90CE-396F56F41C74}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2C9B7EAA-A60E-482C-BC1D-8B86C9DE08D5}" = protocol=17 | dir=in | app=c:\program files (x86)\lavasoft\adaware securesearch toolbar\dtuser.exe |
"{36E08102-F2FC-4D1D-A43E-AB66670E4608}" = protocol=1 | dir=out | [email protected],-28544 |
"{42C194C9-D31C-4B1B-91EB-756B7FD48639}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4301F9D6-5DA8-4685-98C5-C7A80A2E9D78}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{4B883788-DB48-485E-83B6-6B7060860F50}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4D01CE83-58FF-4293-B6C8-7B8CF8872C1B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D5970CF-2220-4C63-AE87-C99AAC726FEC}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{60C3AD37-855E-4413-807E-F590FCB97889}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{660AE047-0F40-458E-91B8-A45E8144CFC6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{701EF4E6-267F-449B-907F-79DCE5FC18A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8CE5FAB4-9C07-407B-9A03-1554F3A3789D}" = protocol=58 | dir=out | [email protected],-28546 |
"{8FDACD1E-011D-409B-B423-F897B9F31874}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{906AFE82-ACD6-4435-A0AB-0E667DF50E02}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{B75EEC0A-034E-4CDE-9E53-8DA3651E5808}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{BB4CB939-F910-49F6-B0EE-5F515619C1BF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{BDFD5536-F61A-4FBE-8F0A-0CA68C62E330}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C0068146-DB10-4194-B6F8-8B69CB926355}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C195BACC-4A8E-4601-903F-ED2CC7F40192}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C663635F-D027-48CC-BFF2-B8A26B933DAC}" = protocol=58 | dir=in | [email protected],-28545 |
"{C90A83B5-26EF-4319-BE03-DFB0D52BC614}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CB7F3DB5-88E2-4D9D-8C01-5D2698741AE0}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{DC46EA59-ADCA-4509-862C-4DF4123B16BF}" = protocol=1 | dir=in | [email protected],-28543 |
"{DC9BEDAF-BB42-4D40-B09F-A7502A4ACC85}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DD8CA930-9A7E-47F9-8565-5A17234BCE38}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{E070D777-6C49-406D-9BAD-5337E779223D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{E5F3358A-2332-4DED-BC89-B65561B02E31}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ED0C4905-69D4-46DF-BCA2-2C3203820B47}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{EF312CDD-3D12-41D7-93F4-16DE003A8C7A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F0209854-12B1-483B-B418-EF611ADE8E68}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FD8D2525-ADB8-42F8-8573-B2494134B995}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{280DFF0D-0A3D-4ADC-BA55-37AFC9BFF6E3}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{1AEEB339-BDF6-4632-89AA-106098944036}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{1D33EC42-4787-56CD-8137-95D8418FFEE8}" = AMD Problem Report Wizard
"{217428D1-0614-4CF0-2A11-D7D56BB8CCDE}" = AMD Fuel
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6F483F38-6162-7606-1D0B-054852C8E011}" = AMD Catalyst Install Manager
"{7BB73073-D580-213A-E05E-7B5714364F66}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D2DB454C-645C-448A-A0B9-B6F6C1D75BA8}" = Garmin Communicator Plugin x64
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"B1DB84625D7FECA6453554F413370095992F93CF" = Windows Driver Package - Mytrakhealth System Inc. (WinUSB) MytrakhealthDevice (10/02/2009 2.0.0)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0FBFA28A-C373-53BD-C553-58D6F6553D92}" = CCC Help Hungarian
"{11E875AA-DF42-811E-96D9-5054A5A474B5}" = CCC Help English
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{1270EE0A-2E34-4BB1-B0E7-CF8DB6F1FE75}" = IObit Apps Toolbar v7.4
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1E4062A9-EC7A-A6E9-348E-58B30D6EEADA}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2C03C54D-7F31-411E-8D4D-05855108FE78}" = Mytrak Manager
"{2CE4119A-FF7F-3EE6-42A4-EB53C6057FFE}" = Zinio Reader 4
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4647B1E4-9907-4A58-963C-E785DF674C3E}" = TurboTax 2010 wpaiper
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CA54C97-67B1-4507-9BE0-0ED39C24FA32}" = TurboTax 2012 wpaiper
"{4F01D33E-6FDF-2A63-8AD9-CBDC4735E80D}" = CCC Help Danish
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{50BFCE80-042B-E53F-05EF-ACA0CC16A0DF}" = Catalyst Control Center Graphics Previews Common
"{5932BF1B-BD27-D808-7D5C-B9C0CD9063B3}" = AMD VISION Engine Control Center
"{597D764C-00A1-B174-33C2-93C9A4E73E21}" = CCC Help Russian
"{59BF122E-4B7D-C1E7-EED3-8DF7E4DAD238}" = Catalyst Control Center Localization All
"{59EC01D4-E48A-49C8-BE02-3B3B986DF752}" = TestCheck
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6446F083-76CD-553B-8261-0E1297A7214C}" = CCC Help Finnish
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6C4AD4F5-8560-4F1E-BC0C-7A883B695F6E}" = CCC Help Swedish
"{6C528316-05A0-4594-A949-94B792EC396C}" = TurboTax 2011 wpaiper
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6E594B4E-D394-BDEE-E9FF-4E6EBC30FB3A}" = CCC Help Greek
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{722D6A37-C815-1945-1EE8-091348F3D388}" = CCC Help Chinese Standard
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{768A7F56-650B-F84F-DF95-EB1926AB5A8F}" = CCC Help Portuguese
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82159924-85AB-EF31-6A3B-862897A4CD20}" = Catalyst Control Center InstallProxy
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset
"{8A368DA6-3814-A344-BB1E-C8EB69B865B6}" = CCC Help Chinese Traditional
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PUBLISHERR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PUBLISHERR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PUBLISHERR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PUBLISHERR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHERR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PUBLISHERR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PUBLISHERR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PUBLISHERR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PUBLISHERR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PUBLISHERR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90BA5BAB-4108-5CC7-8421-00EEAD6D51DF}" = CCC Help Czech
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0019-0000-0000-0000000FF1CE}" = Microsoft Office Publisher 2010
"{91140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHERR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{912CED74-88D3-4C5B-ACB0-13231864975D}" = PressReader
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{91E8293B-C357-D092-8CCB-E19DA083D86C}" = CCC Help Turkish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D7E098D-5693-D2F9-BBE5-4F5A56032FB4}" = CCC Help Thai
"{A1BBB15D-7A76-A03F-1593-8237E0BC0F63}" = CCC Help French
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{ACA45C32-8432-2058-BE80-006E7908D804}" = CCC Help Italian
"{AE1EC58E-B2AC-4959-A4C2-C38202A25239}" = Garmin WebUpdater
"{B199030E-1082-F3BF-2BB9-0080D72876BD}" = CCC Help Dutch
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B7B3C4FA-98FE-FEC7-073E-00677B8F0978}" = CCC Help Norwegian
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BDDA1E1E-204E-4368-B0C2-737F16B76307}" = HP MediaSmart/TouchSmart Netflix
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB5F6422-502E-477C-B31D-25ECE8F829E6}" = Garmin ANT Agent
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D42498FB-9561-9575-C2AC-766F737F4ACF}" = CCC Help Japanese
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE159A8E-3D90-4E91-8906-D078CCAE4DED}" = Catalyst Control Center - Branding
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DE89F007-B75E-368D-47D2-ADE9AF616261}" = HydraVision
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper
"{E883466C-77EC-44AC-8EC8-417A4A16AB3F}" = Garmin Communicator Plugin
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EE7DF38A-750E-FF7E-44FB-6335009442CB}" = CCC Help Polish
"{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F62C60A3-2E8A-8108-2F87-5CDD5A4E3162}" = CCC Help Korean
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FFCF34B9-A0B1-2E2B-7D7E-8FAB4A781CC9}" = CCC Help German
"AccelerateTab_is1" = AccelerateTab
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Comcast" = EasySolve
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyTomTom" = MyTomTom 3.2.0.802
"Mytrak Manager" = Mytrak Manager
"MYTRAK Manager Installer" = MYTRAK Manager Installer
"MYTRAK Sync Manager" = MYTRAK Sync Manager
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Office14.PUBLISHERR" = Microsoft Publisher 2010
"PDF Complete" = PDF Complete Special Edition
"Savings Bond Wizard" = Savings Bond Wizard
"TurboTax 2010" = TurboTax 2010
"TurboTax 2011" = TurboTax 2011
"TurboTax 2012" = TurboTax 2012
"TweakNow PowerPack 2011_is1" = TweakNow PowerPack 2011
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"HuluDesktop" = Hulu Desktop
"JoinMe" = join.me

========== Last 20 Event Log Errors ==========

[ Hewlett-Packard Events ]
Error - 7/26/2012 10:38:29 PM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 9/7/2012 1:48:55 PM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 9/14/2012 5:47:59 AM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 3839 Ram Utilization: 20 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 9/14/2012 6:04:13 AM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087HPSF.exe Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 3839 Ram Utilization: 30 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 10/26/2012 1:55:51 PM | Computer Name = Jeff-HP | Source = hpsa_service.exe | ID = 2000
Description =

Error - 10/26/2012 1:57:51 PM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 3839 Ram Utilization: 20 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 10/26/2012 1:58:12 PM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 10/26/2012 1:58:12 PM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 12/1/2012 9:03:04 PM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HPSFConfigReader.ConfigHelper.getTranslationLocale()

at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Message: Object reference not set to an instance of an object. StackTrace:
at HPSFConfigReader.ConfigHelper.getTranslationLocale() at HPSFConfigReader.ConfigHelper..ctor()

at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3839
Ram
Utilization: 50 TargetSite: System.String getTranslationLocale()

Error - 12/1/2012 9:03:13 PM | Computer Name = Jeff-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146232828HPSF.exe at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()

at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerCompletedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)

at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Message:
An exception occurred during the operation, making the result invalid. Check InnerException
for exception details. StackTrace: at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()

at System.ComponentModel.RunWorkerCompletedEventArgs.get_Result() at HP.SupportAssistant.UI.HPAMain.bgNet_RunWorkerCompleted(Object
sender, RunWorkerCompletedEventArgs e) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerCompletedEventArgs
e) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)

at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Source:
System InnerException.Message: Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml'. Name: HPSF.exe Version: 06.00.01.01 Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
3839 Ram Utilization: 50 TargetSite: Void RaiseExceptionIfNecessary()


< End of report >



I appreciate the help!!
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Uninstall
Java™ 6 Update 22
McAfee Security Scan Plus

Copy the text in the code box by highlighting and Ctrl + c

:OTL
IE:64bit: - HKLM\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes,DefaultScope = {B25438C7-83DC-4FD1-8A43-1B47DB0CC69D}
IE - HKCU\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{B25438C7-83DC-4FD1-8A43-1B47DB0CC69D}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF
FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p="
[2013/08/16 11:49:47 | 000,000,000 | ---D | M] (TopArcadeHits) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}
[2013/08/20 12:00:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/08/23 14:22:03 | 000,000,904 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\searchplugins\yahoo.xml
[2013/08/16 15:12:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.
It appears that Old Timer is now hiding the log in c:\_OTL\MovedFiles\08302013-some number.log so look there if you don't see it.


Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Download aswMBR.exe to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply


Run OTL, Quickscan and post the log. Are you still seeing signs of TopArcade?
  • 0

#5
jtasch

jtasch

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
First OTL log:
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B25438C7-83DC-4FD1-8A43-1B47DB0CC69D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B25438C7-83DC-4FD1-8A43-1B47DB0CC69D}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}\ not found.
Prefs.js: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0 removed from extensions.enabledAddons
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: "http://search.yahoo....type=198484&p=" removed from keyword.URL
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\searchplugins\yahoo.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ not found.
C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Search Protection deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control Garmin Communicator Plug-In
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 41620 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jeff
->Flash cache emptied: 35654 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Jeff
->Java cache emptied: 759468 bytes

User: Public

Total Java Files Cleaned = 1.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08302013_203643




Malwarebytes log:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.30.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Jeff :: JEFF-HP [administrator]

8/30/2013 8:47:43 PM
mbam-log-2013-08-30 (20-47-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 221854
Time elapsed: 6 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 8
HKCR\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
HKCR\SpeedDial.TSpeedDial (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AccelerateTab_is1 (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\SecureUpdateSvc (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SYSTEM\CurrentControlSet\Services\SecureUpdateSvc|ImagePath (PUP.Optional.SpeedDial.A) -> Data: C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 250
C:\Program Files (x86)\Secure Speed Dial (PUP.Optional.SpeedDial.A) -> Delete on reboot.
C:\Program Files (x86)\Secure Speed Dial\Chrome (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0 (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\css (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ar (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bn (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ca (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\cs (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\da (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\de (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\el (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en-US (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en_GB (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es_419 (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\et (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fa (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fil (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\gu (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\he (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hu (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\id (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\it (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ja (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\kn (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ko (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lt (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lv (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ms (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\nl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\no (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_BR (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_PT (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ro (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ru (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sk (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sv (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sw (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ta (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\te (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\th (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\tr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\uk (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\vi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_CN (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_TW (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected] (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\defaults (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\defaults\preferences (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ar (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\bg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\bn (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ca (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\cs (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\da (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\de (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\el (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en-GB (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en-US (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\es (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\es - 419 (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\et (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fa (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fil (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\gu (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\he (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hu (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\id (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\it (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ja (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\kn (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ko (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\lt (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\lv (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\mr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ms (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\nl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\no (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pt_BR (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pt_PT (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ro (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ru (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sk (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sv (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sw (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ta (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\te (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\th (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\tr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\uk (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\vi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\zh-CN (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\zh-TW (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE (PUP.Optional.SpeedDial.A) -> Delete on reboot.
C:\Program Files (x86)\Secure Speed Dial\IE\update (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0 (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\css (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ar (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bn (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ca (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\cs (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\da (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\de (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\el (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en-US (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en_GB (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es_419 (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\et (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fa (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fil (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\gu (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\he (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hu (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\id (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\it (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ja (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\kn (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ko (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lt (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lv (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ms (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\nl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\no (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_BR (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_PT (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ro (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ru (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sk (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sv (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sw (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ta (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\te (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\th (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\tr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\uk (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\vi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_CN (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_TW (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected] (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\defaults (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\defaults\preferences (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ar (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\bg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\bn (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ca (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\cs (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\da (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\de (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\el (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en-GB (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en-US (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\es (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\es - 419 (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\et (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fa (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fil (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\gu (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\he (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hu (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\id (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\it (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ja (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\kn (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ko (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\lt (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\lv (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\mr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ms (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\nl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\no (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pt_BR (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pt_PT (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ro (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ru (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sk (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sl (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sv (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sw (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ta (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\te (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\th (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\tr (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\uk (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\vi (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\zh-CN (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\zh-TW (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.

Files Detected: 407
C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (PUP.Optional.SpeedDial.A) -> Delete on reboot.
C:\Program Files (x86)\Secure Speed Dial\unins000.msg (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\unins000.dat (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\unins000.exe (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\config.ini (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background.html (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\CHANGLOG (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\icon128.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\icon16.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\icon48.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\index.html (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\logo.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\manifest.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background\attribution.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background\background.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache\amazon.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache\webstore.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache\welcome.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\css\style.css (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll\NPIdentityGen.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll\sqlite3.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\app.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\arr.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\arr_right.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\dlogo.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\fav.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\favf.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\folder.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\gsearch.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\ico_bing.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\ico_yahoo.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\noise.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\redline.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\setting.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\sharpdown.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_a.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_add.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_b.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_c.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_d.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_e.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_f.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_g.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_h.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\background.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\config.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\config_deploy.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\config_internal.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\content_append.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\global.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\include.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\jquery-ui-1.10.3.custom.min.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\jquery.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\md5.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\mustcache.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\stat.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\topsite.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ar\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bg\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bn\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ca\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\cs\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\da\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\de\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\el\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en-US\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en_GB\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es_419\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\et\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fa\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fi\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fil\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fr\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\gu\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\he\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hi\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hr\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hu\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\id\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\it\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ja\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\kn\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ko\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lt\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lv\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ms\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\nl\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\no\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pl\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_BR\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_PT\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ro\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ru\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sk\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sl\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sr\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sv\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sw\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ta\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\te\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\th\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\tr\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\uk\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\vi\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_CN\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_TW\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\amazon.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\bootstrap.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\build.xml (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\chrome.manifest (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\icon.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\icon64.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\install.rdf (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\newTab-20.xul (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\newTab.css (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\newTab.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\newTab.xul (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\newTabFF.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\NPIdentityGen.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\observe.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\observe.xul (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\speeddial.css (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\statsreq.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\defaults\preferences\speeddial.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\amazon.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\arr.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\gsearch.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\ico_bing.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\ico_yahoo.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\redline.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\setting.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_a.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_add.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_b.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_c.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_d.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_e.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_f.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_g.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg\bg_h.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ar\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\bg\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\bn\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ca\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\cs\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\da\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\de\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\el\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en-GB\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en-US\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\es\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\es - 419\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\et\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fa\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fi\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fil\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\gu\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\he\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hi\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hu\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\id\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\it\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ja\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\kn\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ko\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\lt\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\lv\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\mr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ms\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\nl\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\no\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pl\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pt_BR\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pt_PT\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ro\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ru\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sk\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sl\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sv\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sw\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ta\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\te\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\th\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\tr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\uk\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\vi\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\zh-CN\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\zh-TW\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\Data.dat (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\Data.dat.bak (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\Filter.dat (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\GetDBCache_x64.exe (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\GetEseDbInfo.exe (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\HandleInfo.dat (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\libesedb.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\LiveUpdateSrvUpt.log (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\main.ini (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\msvcr100.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.log (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\sqlite3.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\system.ini (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\update\update.spt (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\SecureUpdate.exe (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\SpeedDial.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\config.ini (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background.html (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\CHANGLOG (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\icon128.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\icon16.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\icon48.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\index.html (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\logo.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\manifest.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background\attribution.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background\background.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache\amazon.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache\webstore.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache\welcome.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\css\style.css (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll\NPIdentityGen.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll\sqlite3.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\app.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\arr.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\arr_right.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\dlogo.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\fav.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\favf.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\folder.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\gsearch.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\ico_bing.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\ico_yahoo.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\noise.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\redline.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\setting.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\sharpdown.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_a.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_add.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_b.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_c.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_d.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_e.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_f.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_g.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg\bg_h.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\background.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\config.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\config_deploy.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\config_internal.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\content_append.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\global.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\include.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\jquery-ui-1.10.3.custom.min.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\jquery.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\md5.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\mustcache.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\stat.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js\topsite.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ar\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bg\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bn\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ca\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\cs\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\da\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\de\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\el\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en-US\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en_GB\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es_419\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\et\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fa\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fi\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fil\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fr\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\gu\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\he\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hi\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hr\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hu\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\id\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\it\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ja\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\kn\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ko\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lt\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lv\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ms\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\nl\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\no\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pl\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_BR\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_PT\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ro\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ru\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sk\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sl\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sr\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sv\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sw\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ta\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\te\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\th\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\tr\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\uk\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\vi\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_CN\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_TW\messages.json (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\amazon.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\bootstrap.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\build.xml (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\chrome.manifest (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\icon.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\icon64.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\install.rdf (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\newTab-20.xul (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\newTab.css (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\newTab.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\newTab.xul (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\newTabFF.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\NPIdentityGen.dll (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\observe.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\observe.xul (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\speeddial.css (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\statsreq.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\defaults\preferences\speeddial.js (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\amazon.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\arr.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\gsearch.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\ico_bing.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\ico_yahoo.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\redline.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\setting.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_a.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_add.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_b.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_c.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_d.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_e.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_f.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_g.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg\bg_h.png (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ar\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\bg\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\bn\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ca\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\cs\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\da\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\de\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\el\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en-GB\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en-US\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\es\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\es - 419\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\et\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fa\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fi\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fil\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\gu\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\he\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hi\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hu\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\id\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\it\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ja\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\kn\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ko\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\lt\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\lv\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\mr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ms\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\nl\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\no\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pl\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pt_BR\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pt_PT\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ro\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ru\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sk\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sl\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sv\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sw\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ta\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\te\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\th\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\tr\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\uk\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\vi\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\zh-CN\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\zh-TW\options.dtd (PUP.Optional.SpeedDial.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome.manifest (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\icon.png (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\install.rdf (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content\browser.xul (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content\toparcadehits.js (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin\style.css (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.

(end)


aswMBR Log:

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-08-30 21:10:14
-----------------------------
21:10:14.719 OS Version: Windows x64 6.1.7601 Service Pack 1
21:10:14.719 Number of processors: 2 586 0x603
21:10:14.719 ComputerName: JEFF-HP UserName: Jeff
21:10:17.839 Initialize success
21:10:21.349 AVAST engine defs: 13083001
21:10:38.275 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000058
21:10:38.275 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 11
21:10:38.353 Disk 0 MBR read successfully
21:10:38.353 Disk 0 MBR scan
21:10:38.353 Disk 0 unknown MBR code
21:10:38.353 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:10:38.368 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 597652 MB offset 206848
21:10:38.415 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12726 MB offset 1224198144
21:10:38.446 Disk 0 scanning C:\Windows\system32\drivers
21:10:50.880 Service scanning
21:11:10.209 Modules scanning
21:11:12.471 AVAST engine scan C:\Windows
21:11:16.402 AVAST engine scan C:\Windows\system32
21:14:14.636 AVAST engine scan C:\Windows\system32\drivers
21:14:26.460 AVAST engine scan C:\Users\Jeff
21:25:21.351 AVAST engine scan C:\ProgramData
21:28:48.849 Scan finished successfully
21:29:53.807 Disk 0 MBR has been saved successfully to "C:\Users\Jeff\Desktop\MBR.dat"
21:29:53.807 The log file has been saved successfully to "C:\Users\Jeff\Desktop\aswMBR.txt"



Last OTL log:
OTL logfile created on: 8/30/2013 9:30:21 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jeff\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 50.22% Memory free
7.50 Gb Paging File | 5.57 Gb Available in Paging File | 74.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.64 Gb Total Space | 460.77 Gb Free Space | 78.95% Space Free | Partition Type: NTFS
Drive D: | 12.43 Gb Total Space | 1.52 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: JEFF-HP | User Name: Jeff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/30 07:50:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jeff\Downloads\OTL.exe
PRC - [2013/08/17 11:38:59 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2013/08/17 11:38:58 | 001,737,728 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2013/07/15 17:09:24 | 000,554,384 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/03/22 06:07:16 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012/12/10 18:12:38 | 000,369,152 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
PRC - [2012/12/10 18:12:02 | 000,225,280 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe
PRC - [2012/09/10 16:43:59 | 001,085,312 | ---- | M] (MYTRAK Health Systems Inc.) -- C:\Program Files (x86)\MYTRAKHealth\MytrakM2\Mytrak Manager.exe
PRC - [2012/09/10 04:17:48 | 000,436,728 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/03/23 16:09:38 | 014,749,544 | ---- | M] (GARMIN Corp.) -- C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/06/17 20:59:40 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2010/01/18 14:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/14 07:31:54 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\91c0925fd175c895d367e2d54b395ddd\Microsoft.VisualBasic.ni.dll
MOD - [2013/08/14 07:31:42 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/14 07:24:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013/08/14 07:24:01 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/14 07:23:45 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\930e99b2f62cea8c4aa070527d15f748\PresentationFramework.ni.dll
MOD - [2013/08/14 07:23:32 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/14 07:23:26 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 07:23:24 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\585b8f6cc7ba86886462d0dc9753c98f\PresentationCore.ni.dll
MOD - [2013/08/14 07:23:13 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/14 07:23:06 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 07:23:03 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/14 07:22:54 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/12 03:39:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/12 03:38:50 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/09/10 04:17:56 | 000,025,592 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
MOD - [2012/09/10 04:17:52 | 000,254,968 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
MOD - [2012/09/10 04:17:50 | 000,073,720 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
MOD - [2012/02/04 15:31:24 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 02:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/11/04 21:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/09/28 15:00:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/09/28 15:00:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/09/28 15:00:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2010/06/17 21:11:58 | 001,699,384 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\PictureMover\EN-US\Presentation.dll
MOD - [2010/06/17 21:00:10 | 012,286,520 | ---- | M] () -- C:\Users\Jeff\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2010/01/18 14:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2009/07/13 21:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/12/10 18:12:38 | 000,460,288 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService64)
SRV:64bit: - [2011/10/13 15:44:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/06/30 03:42:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/08/18 20:35:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/17 11:38:58 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2013/08/17 11:19:35 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/12/10 18:12:38 | 000,369,152 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/21 13:32:47 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/08/19 17:37:13 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/08/19 17:37:12 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/19 17:37:12 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/10 18:12:10 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2012/12/10 18:12:10 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2012/12/01 21:01:07 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/01 21:01:07 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/06/30 05:33:14 | 009,371,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/30 03:00:52 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/05/17 17:44:46 | 000,044,480 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011/02/15 21:00:36 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/06/06 23:12:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/03/10 11:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/04 10:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/06 00:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/06 00:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/12/22 05:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/12/10 18:12:02 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2012/12/10 18:12:02 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2011/02/15 21:00:38 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011/01/17 16:33:40 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {DD357DCE-0CA1-465E-A221-A6A713C6A0EB}
IE:64bit: - HKLM\..\SearchScopes\{03810A30-8A69-4246-BBBF-FA31110814D0}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{8D9DC65C-B5EE-42ED-BE83-35E7FC7E7DC3}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{F009BF0A-FDA5-4AC7-A2D6-E89815683A82}: "URL" = http://search.yahoo....psg&type=HPDTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {F009BF0A-FDA5-4AC7-A2D6-E89815683A82}
IE - HKCU\..\SearchScopes\{DD357DCE-0CA1-465E-A221-A6A713C6A0EB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0
FF - prefs.js..extensions.enabledAddons: speedtest%40gotomyhelp.com:1.2.5
FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/08/19 05:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 15:12:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/16 15:12:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 15:12:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/16 15:12:44 | 000,000,000 | ---D | M]

[2011/07/16 20:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions
[2011/07/16 20:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/08/30 20:36:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions
[2013/03/03 18:19:59 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013/08/23 14:23:27 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2013/08/18 20:39:31 | 001,312,907 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2013/08/16 15:17:46 | 000,040,102 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\[email protected]
[2012/06/17 20:50:24 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2013/07/31 17:27:12 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\0y3yoj76.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/17 11:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/16 15:12:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 11:19:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/30 20:36:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
File not found (No name found) -- C:\USERS\JEFF\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec\1.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.16_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp\1.0.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: No name found = C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Comcast_McciTrayApp] C:\Program Files\Comcast\pcTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKCU..\Run: [Mytrak Manager.exe] C:\Program Files (x86)\MYTRAKHealth\MytrakM2\Mytrak Manager.exe (MYTRAK Health Systems Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75F26F4E-BF2F-4DA2-9E6B-2D467FA45299}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/30 20:40:30 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Local\adawarebp
[2013/08/30 20:36:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/30 14:38:25 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/30 14:16:36 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/21 13:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/08/21 13:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013/08/18 21:16:49 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Local\Programs
[2013/08/18 20:46:29 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\LavasoftStatistics
[2013/08/18 20:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/08/18 20:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/08/18 20:42:14 | 000,047,496 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2013/08/18 20:42:14 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013/08/18 20:42:14 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Ad-Aware Antivirus
[2013/08/17 12:02:37 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Comcast
[2013/08/17 11:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comcast
[2013/08/17 11:52:43 | 000,000,000 | ---D | C] -- C:\Users\Jeff\AppData\Roaming\Motive
[2013/08/17 11:51:27 | 000,000,000 | ---D | C] -- C:\Program Files\Comcast
[2013/08/17 11:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comcast
[2013/08/17 11:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Motive
[2013/08/17 11:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2013/08/17 11:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2013/08/16 15:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/14 06:48:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT

========== Files - Modified Within 30 Days ==========

[2013/08/30 21:29:53 | 000,000,512 | ---- | M] () -- C:\Users\Jeff\Desktop\MBR.dat
[2013/08/30 21:23:10 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/30 21:12:34 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/30 21:12:34 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/30 21:11:03 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2524325385-2811533165-4068426589-1001UA.job
[2013/08/30 21:07:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/30 21:04:52 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2013/08/30 21:04:18 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/30 21:03:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/30 21:03:40 | 3019,333,632 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/30 14:48:24 | 000,001,091 | ---- | M] () -- C:\Users\Jeff\Desktop\OTL - Shortcut.lnk
[2013/08/30 02:11:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2524325385-2811533165-4068426589-1001Core.job
[2013/08/29 17:33:43 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2013/08/29 17:33:43 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2013/08/21 13:59:30 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/21 13:32:47 | 000,047,496 | ---- | M] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2013/08/21 13:32:47 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013/08/21 10:33:20 | 000,731,422 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/21 10:33:20 | 000,627,556 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/21 10:33:20 | 000,107,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/19 17:37:13 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/19 17:37:13 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/19 17:37:12 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/08/19 17:37:12 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/08/19 17:37:12 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/19 17:37:12 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/19 05:37:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/08/18 21:17:11 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/17 11:52:44 | 000,002,159 | ---- | M] () -- C:\Users\Jeff\Desktop\EasySolve.lnk
[2013/08/17 11:39:14 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2013/08/17 11:39:12 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2013/08/17 11:19:46 | 000,002,050 | ---- | M] () -- C:\Users\Jeff\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/08/15 17:31:14 | 000,268,968 | ---- | M] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/08/14 18:30:03 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJeff.job
[2013/08/06 20:50:01 | 000,001,213 | ---- | M] () -- C:\Users\Jeff\Documents\JEFFS BONDS.SBW.bak
[2013/08/06 20:50:01 | 000,001,213 | ---- | M] () -- C:\Users\Jeff\Documents\Jeffs Bonds.sbw

========== Files Created - No Company Name ==========

[2013/08/30 21:29:53 | 000,000,512 | ---- | C] () -- C:\Users\Jeff\Desktop\MBR.dat
[2013/08/30 14:48:24 | 000,001,091 | ---- | C] () -- C:\Users\Jeff\Desktop\OTL - Shortcut.lnk
[2013/08/30 14:27:48 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2013/08/23 14:23:25 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/08/21 13:59:30 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/19 17:37:13 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/19 05:37:08 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/19 05:37:08 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/08/17 11:52:44 | 000,002,159 | ---- | C] () -- C:\Users\Jeff\Desktop\EasySolve.lnk
[2013/08/17 11:39:35 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2013/08/17 11:39:35 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2013/08/04 08:59:00 | 000,001,213 | ---- | C] () -- C:\Users\Jeff\Documents\JEFFS BONDS.SBW.bak
[2013/08/04 08:59:00 | 000,001,213 | ---- | C] () -- C:\Users\Jeff\Documents\Jeffs Bonds.sbw
[2012/02/22 21:54:48 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/02/10 20:46:20 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/10/13 15:53:18 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/13 15:53:02 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/08 20:14:05 | 000,000,254 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/10/08 20:14:05 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/10/08 20:13:31 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/10/08 16:56:32 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2011/01/17 16:20:05 | 000,007,606 | ---- | C] () -- C:\Users\Jeff\AppData\Local\Resmon.ResmonCfg
[2011/01/13 22:21:34 | 000,038,450 | ---- | C] () -- C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).ADR
[2011/01/13 22:20:46 | 000,009,337 | ---- | C] () -- C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).EML

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/18 20:42:14 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\Ad-Aware Antivirus
[2013/08/17 12:02:37 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\Comcast
[2012/10/14 18:03:41 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\Garmin
[2012/11/09 18:30:34 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\IObit
[2011/03/25 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\OpenOffice.org
[2011/01/13 21:12:50 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\PictureMover
[2012/02/18 08:20:20 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\ScanSoft
[2011/07/16 20:54:16 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\TomTom
[2011/01/13 21:40:39 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\TP
[2011/03/17 20:50:23 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\TweakNow PowerPack 2011
[2011/01/14 17:17:41 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\WinBatch
[2012/02/18 08:20:27 | 000,000,000 | ---D | M] -- C:\Users\Jeff\AppData\Roaming\Zeon

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Users\Jeff\AppData\Roaming\Comma Separated Values (Windows).EML:OECustomProperty

< End of report >


No signs of TopArcadeHits after about 40 minutes surfing...I think I would have seen it by now...actually saw it on this page before your help - now nothing!

I really appreciate the time spent to help me -- Thank you very much!!!

Jeff
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
There is still one entry in Firefox:

FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0

But the underlying software has been killed off.


File not found (No name found) -- C:\USERS\JEFF\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}

We can try to remove the last remnants with another OTL run:

:OTL
FF - prefs.js..extensions.enabledAddons: %7B0113D088-8ED1-468C-B225-585A9C53B5E3%7D:1.0
File not found (No name found) -- C:\USERS\JEFF\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}




then Rightclick on OTL and select Run As Administrator to start. Close Firefox. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL should not need to reboot the PC when it is done.

I would let Avast run a boot time scan sometime while you sleep. It's a very good scan but takes about 7 hours on my PC.

I assume you have the latest version of Avast:


First mute the speakers so it won't wake you up when Windows loads. Click on the Orange ball. Click on Security. Click on AntiVirus. Scroll down to the bottom and find Boot-time scan. Click on Settings. Where it says Heuristic Sensitivity click on the last rectangle so that all of them are orange and it says High. Make sure both boxes are checked. Then change When a threat is found ... to: Move to Chest. OK. Now click on Schedule Now. Close the Avast window and then reboot. The scan will start. It will tell you where it will save the report. Usually it's
C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location. When Windows loads Click on the Orange Ball then Maintenance then Scan Logs. Click on the Boot-time scan log and then View Results. If it found anything then open the saved Report and copy and paste the text into a reply so I can see it.


Unless you see other problems I think we are done and can clean up


You can uninstall or delete any tools we had you download and their logs.

OTL has a cleanup tab but DO NOT USE IT!. There are reports that it leaves the PC unbootable. Instead just delete OTL.exe and the folder c:\_OTL.

To hide hidden files again:

Vista or Win7

# Open the Control Panel menu and click Folder Options.
# After the new window appears select the View tab.
# Remove the check in the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.
Seems to work best if Firefox is the default browser. Windows always hides its icon so you need to unhide it. Click on the up arrow to the left of the clock. Then click on Customize. Maximize the window so you can see all of the options. Scroll Down and find the File Hippo UpdateChecker and change its Behaviors to Show Icon and Notifications. OK. When you reboot you should see the icon. It will take it a minute to finish checking then it will put up a bubble if you need to update something. Click on the bubble and it should open in your browser. (Seems to work best if it uses Firefox. If you do not use Firefox as your default browser then right click on the icon and click on Settings. Then on Results. Change the Open Results in Default Browser to Custom Browser and then select the line that has Firefox.exe in it. While there, also check Hide Beta Versions. OK. ) You will see a list of programs that have updates with green down arrows next to them. You do not need to download any Beta Versions. There is an option Settings to Hide Beta Versions. I do not advise updating Windows Messenger unless you really use it so I right click on the Icon and Customize Results then find Microsoft Messenger and change Show All Releases to Hide All Releases. OK.

You can also try Secunia PSI http://secunia.com/v...l/download_psi/ Same kind of info. You don't need both.
If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/
The free version only blocks 200 ads a day so another reason to use Firefox or Chrome.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . You can run it any time that Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.


If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Special note on Java. Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 9 or better. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE. Get the latest version from Java.com. They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download. Just uncheck the garbage before the download (or install) starts. If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it. IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level. OK.

Make sure Windows Updates is turned and that it works. Go to Control panel, Windows Updates and see if it works.

If you are feeling especially paranoid you can install the free firewall called Online Armor:
http://www.online-armor.com/


My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's a local environmental organization that I volunteer with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)

Ron
  • 0

#7
jtasch

jtasch

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
I have removed the Firefox entry as instructed and will follow the remainder of instructions. Have seen no signs of TopArcadeHits - Thanks again!!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP