Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93081 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

MalSign.Generic.DE7 [Solved]

Speedial MyPCBackup SearchSnacks YTDToolbar

  • This topic is locked This topic is locked
16 replies to this topic

#1 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 12 June 2014 - 08:51 PM

Speedial is now the homepage oh all the browsers.  It changes back to Speedial after I try to change it.  Malwarebytes found over 500 objects to address, some listed as tags. AVG found 2. Uninstalled all sorts of programs.  

 

 

OTL.txt

OTL logfile created on: 6/12/2014 10:20:49 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jack\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.91 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 53.79% Memory free
11.82 Gb Paging File | 9.00 Gb Available in Paging File | 76.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.58 Gb Total Space | 802.67 Gb Free Space | 87.29% Space Free | Partition Type: NTFS
Drive D: | 11.83 Gb Total Space | 1.42 Gb Free Space | 11.98% Space Free | Partition Type: NTFS
Drive E: | 5.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: ZEKE-HP | User Name: Jack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jack\Desktop\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe ()
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe (Capital Intellect, Inc.)
PRC - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe (Capital Intellect, Inc.)
PRC - C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe (HP)
PRC - C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe (HP)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
MOD - C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ()
MOD - C:\Users\Jack\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.3.470\wallpaper.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (LavasoftAdAwareService11) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe ()
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV - (GamesAppIntegrationService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (vToolbarUpdater18.1.7) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe (AVG Secure Search)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (BeFrugal.com Service) -- C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe (Capital Intellect, Inc.)
SRV - (CouponPrinterService) -- C:\Program Files (x86)\Coupons\CouponPrinterService.exe (Coupons.com Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (IntuitUpdateServiceV4) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
SRV - (FPLService) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe (HP)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (RoxioNow Service) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Roxio)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe (McAfee, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (ssnfd) -- C:\Windows\SysNative\drivers\ssnfd.sys (Search Snacks)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (pmxdrv) -- C:\Windows\SysNative\drivers\pmxdrv.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...r=666191327&ir=
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{CBEE8B4A-B645-4BB3-985F-45A1625B4BE7}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Old Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = 127F532114A042D68770672FBA570C19
IE - HKCU\..\SearchScopes\{8542D6A7-F796-42C2-9B61-7D8CD69AB665}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={A3457976-4626-4AC7-B2D2-3FD701A259AF}&mid=b85a164e1fa547d1a124e92931667541-5a029d077e7b5f7f571ff45f2e716cc8fda31fef&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 00:14:08&v=18.1.6.542&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\..\SearchScopes\127F532114A042D68770672FBA570C19: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: ""
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\17\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/03 18:03:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.6.542 [2014/06/12 21:19:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/10 18:12:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/19 20:10:06 | 000,000,000 | ---D | M]
 
[2011/12/19 12:21:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\Mozilla\Extensions
[2014/06/12 22:13:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions
[2013/03/17 13:34:49 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2014/06/11 10:04:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/05/14 03:23:45 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
[2014/05/10 18:12:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/10 18:12:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/13 00:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/13 00:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/13 00:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/13 00:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2012/02/07 00:40:23 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2009/09/13 00:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2009/09/13 00:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Speedial (Enabled)
CHR - default_search_provider: search_url = http://speedial.com/...r=666191327&ir=
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\NP5zStub.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: Website Logon = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_1\
CHR - Extension: Google Wallet = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
 
O1 HOSTS File: ([2012/09/07 21:26:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (BeFrugalIEHelper) - {2335A057-CBA6-40F6-A712-C6A7C98F7813} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.6.542\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (BeFrugal.com Toolbar) - {5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.6.542\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BFHP] C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe (Capital Intellect, Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F6796A7-F9F3-4EB2-941F-1588FCCD102D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28FBD395-24E2-4F32-98ED-2DEECAAA333F}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/01/31 17:20:39 | 000,055,616 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/01/31 14:28:14 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/12 22:17:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL (1).exe
[2014/06/12 21:36:37 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/12 21:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/12 21:36:06 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/06/12 21:36:06 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/06/12 21:36:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/12 21:18:29 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\adawarebp
[2014/06/11 20:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2014/06/06 15:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014/06/06 15:27:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014/06/06 15:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\Earth Networks
[2014/06/05 12:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\SearchSnacks
[2014/06/05 12:15:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TidyNetwork
[2014/06/05 12:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/06/05 11:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2014/06/03 23:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/06/03 23:05:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/05/26 23:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_0414c
[2014/05/26 22:27:42 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\WinPatrol
[2014/05/26 18:57:10 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Lavasoft
[2014/05/26 18:48:31 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\LavasoftStatistics
[2014/05/26 18:10:20 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\MediaMonkey
[2014/05/26 18:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/05/26 18:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/05/26 17:59:48 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\AVG SafeGuard toolbar
[2014/05/14 03:06:11 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/14 03:06:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/14 03:05:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/13 23:48:05 | 017,938,608 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/05/13 23:14:15 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/13 23:14:14 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/13 23:14:03 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/13 23:14:03 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/13 23:14:03 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/13 23:14:03 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/13 23:14:03 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/13 23:14:02 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/13 23:14:02 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/13 23:14:02 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/13 23:14:02 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/13 23:14:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/13 23:14:02 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/13 23:14:02 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/13 23:14:02 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/13 23:14:02 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/13 23:14:02 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/13 23:14:02 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/13 23:14:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/13 23:14:01 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/13 23:14:01 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/13 23:14:01 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/13 23:14:01 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/13 23:14:01 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/13 23:14:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/03/29 16:43:11 | 014,823,424 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/12 22:22:53 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/12 22:22:53 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/12 22:20:00 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\Speedial.job
[2014/06/12 22:17:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL (1).exe
[2014/06/12 22:16:55 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/12 22:16:41 | 000,002,307 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/06/12 22:16:04 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/12 22:16:03 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0214b_rmv.job
[2014/06/12 22:16:00 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0214b_rel.job
[2014/06/12 22:15:54 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\BeFrugal.com Toolbar.job
[2014/06/12 22:15:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/12 22:15:10 | 463,351,807 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/12 21:48:11 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/12 21:40:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/12 21:36:08 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/12 21:19:18 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014/06/11 19:58:55 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/11 10:08:57 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForZeke.job
[2014/06/09 11:46:56 | 000,002,426 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2014/06/08 19:14:00 | 000,002,256 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 University Life.lnk
[2014/06/06 17:51:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForZEKE-HP$.job
[2014/06/06 16:44:59 | 000,002,114 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2014/06/05 22:17:23 | 000,000,000 | ---- | M] () -- C:\END
[2014/06/05 12:17:08 | 000,028,672 | ---- | M] () -- C:\Windows\SysNative\bddel.exe
[2014/06/05 12:17:08 | 000,028,442 | ---- | M] () -- C:\Windows\SysNative\bddel.dat
[2014/06/05 11:07:04 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/05 11:07:04 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/05 11:07:04 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/05 11:02:54 | 000,050,464 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/06/01 19:15:14 | 000,002,184 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Seasons.lnk
[2014/05/26 17:59:01 | 000,000,632 | RHS- | M] () -- C:\Users\Jack\ntuser.pol
[2014/05/19 08:32:25 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/05/13 23:48:09 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/13 23:48:09 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/13 23:48:05 | 017,938,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/08 19:14:00 | 000,002,256 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 University Life.lnk
[2014/06/06 16:40:28 | 000,002,114 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2014/06/06 15:20:05 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\Speedial.job
[2014/06/05 12:17:04 | 000,028,672 | ---- | C] () -- C:\Windows\SysNative\bddel.exe
[2014/06/05 12:17:04 | 000,028,442 | ---- | C] () -- C:\Windows\SysNative\bddel.dat
[2014/06/05 12:15:04 | 000,000,000 | ---- | C] () -- C:\END
[2014/06/01 19:15:14 | 000,002,184 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Seasons.lnk
[2014/05/26 18:09:23 | 000,002,307 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/04/19 00:13:31 | 000,003,750 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014/04/12 21:29:43 | 000,000,099 | ---- | C] () -- C:\Windows\Reimage.ini
[2012/09/05 22:21:38 | 000,027,520 | ---- | C] () -- C:\Users\Jack\AppData\Local\dt.dat
[2012/08/06 09:03:09 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/03/24 20:21:31 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/19 12:04:44 | 000,000,632 | RHS- | C] () -- C:\Users\Jack\ntuser.pol
[2011/10/05 17:30:50 | 000,002,792 | ---- | C] () -- C:\Program Files\HP SimplePass 2011
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/09/22 22:20:23 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\AVG2014
[2013/12/09 20:38:43 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\ICAClient
[2013/09/22 22:30:38 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Local
[2012/12/03 07:15:05 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Spotify
[2012/12/23 19:31:52 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\TuneUp Software
[2012/09/08 22:43:19 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\WildTangent
[2014/05/26 22:27:42 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\WinPatrol
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.ADML  >
[2010/11/21 03:06:30 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7ef5713984067904\Explorer.adml
 
< MD5 for: EXPLORER.ADMX  >
[2009/06/10 16:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx
 
< MD5 for: EXPLORER.EXE  >
[2011/10/05 17:07:07 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/10/05 17:07:07 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/10/05 17:07:07 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/10/05 17:07:07 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/10/05 17:07:07 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 23:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/10/05 17:07:07 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/10/05 17:07:07 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 23:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: EXPLORER.EXE.7500.DMP  >
[2012/03/04 20:23:46 | 002,648,071 | -H-- | M] () MD5=62F544E995D436E354C4CF2BD0E3967D -- C:\Users\Mike&Matt\AppData\Local\CrashDumps\explorer.exe.7500.dmp
 
< MD5 for: EXPLORER.EXE.MUI  >
[2010/11/21 03:06:17 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\en-US\explorer.exe.mui
[2010/11/21 03:06:17 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_61e778c48d52d19b\explorer.exe.mui
[2010/11/21 03:06:19 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2010/11/21 03:06:19 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6c3c2316c1b39396\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-A80E4F97.PF  >
[2014/06/12 22:00:40 | 000,194,156 | ---- | M] () MD5=41D6703BA46ABA6FCBFDBBA8BB277397 -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
 
< MD5 for: IEXPLORE.EXE  >
[2012/06/02 07:47:54 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=004640AB259C1572EBD5FB0A32F63686 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_0dbfc836999db0ca\iexplore.exe
[2013/01/08 21:53:45 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_0d2c5bc980874648\iexplore.exe
[2012/05/17 19:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_1798a687b4d6030f\iexplore.exe
[2014/03/07 21:59:00 | 000,811,728 | ---- | M] (Microsoft Corporation) MD5=0667ED9F8E905E1F73DB60ACCEDCBCA7 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/03/07 21:59:00 | 000,811,728 | ---- | M] (Microsoft Corporation) MD5=0667ED9F8E905E1F73DB60ACCEDCBCA7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_858ffb5bf711c81f\iexplore.exe
[2013/11/26 04:01:48 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_7b0d6f67c2d3f97a\iexplore.exe
[2013/05/16 22:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_20d88bb252a3770f\iexplore.exe
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
[2012/11/13 22:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_178ed6e5b4dd3857\iexplore.exe
[2012/06/29 01:02:52 | 000,754,784 | ---- | M] (Microsoft Corporation) MD5=1223ACBFC1093852DFF039E189599BBD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_0d45fcc9807373c2\iexplore.exe
[2013/07/26 02:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=133CEF30905806A35606652D409EEEBA -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_16893df21e3dcd43\iexplore.exe
[2013/08/10 02:31:28 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=1F3B062444AD6F667B5336E78D5A02B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_ffb36d2837eafb72\iexplore.exe
[2012/08/24 03:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_1787d4dfb4e386f6\iexplore.exe
[2013/02/22 03:04:50 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=25B53709A37C3FD814B68EA0A92D18F9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_0d238c71808d94e7\iexplore.exe
[2012/05/17 18:59:46 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_181271f4ce004017\iexplore.exe
[2012/10/08 04:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_178cd651b4df05a9\iexplore.exe
[2013/06/12 00:41:27 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=2A5F565327BFD679EC5F790DC15BBF25 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_0a0343986c500b78\iexplore.exe
[2012/08/24 07:23:44 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=2D53C5F71653EF94E7829846405D4ED2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_0d332a8d8082c4fb\iexplore.exe
[2013/06/11 20:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_20da757e52a1c35e\iexplore.exe
[2013/02/22 00:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_177836c3b4ee56e2\iexplore.exe
[2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\erdnt\cache86\iexplore.exe
[2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_1799a6d1b4d51c66\iexplore.exe
[2013/08/10 02:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=351657C79B62B91E16A95AD23EA3710D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_168ab5d61e3c99b7\iexplore.exe
[2013/08/10 00:18:11 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_20df6028529d5bb2\iexplore.exe
[2013/05/16 21:57:28 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=3902E280F6117A468D5573343A7AA1F6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_09ffa3426c5372da\iexplore.exe
[2013/10/12 17:42:28 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=39D0074C59F6D1A62731942C7FA8B60B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_167ae4781e4936f5\iexplore.exe
[2014/03/01 18:02:17 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=3A3BEA53F039CE2E997A918E26E30B1D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16521_none_8557e945f73c23ff\iexplore.exe
[2013/10/12 05:49:48 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=3C8C00380462B1023C9F8EA2A9A7A137 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_ffa340aa37f7ff34\iexplore.exe
[2013/04/04 18:47:49 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=3F00BE80B9CEA20B7FE7363D15EDDB94 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16483_none_176a65f9b4f926ce\iexplore.exe
[2013/02/22 00:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_17f703a2ce14129d\iexplore.exe
[2014/02/06 18:24:01 | 000,808,152 | ---- | M] (Microsoft Corporation) MD5=4263F6C131E513CEA1AE82B5B81A4E1A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16518_none_85564983f73dbe0f\iexplore.exe
[2013/08/10 01:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_0a08177a6c4bbd6d\iexplore.exe
[2012/10/08 08:29:46 | 000,754,848 | ---- | M] (Microsoft Corporation) MD5=49442BA6DCE4B4E3C1CB0AB193FE29AD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_0d382bff807e43ae\iexplore.exe
[2012/05/17 22:51:05 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=4E99F42504A99D5024C2EFA015001937 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_0d43fc3580754114\iexplore.exe
[2014/06/02 02:03:18 | 000,810,200 | ---- | M] (Microsoft Corporation) MD5=4F2AA3E7BD7257E4937E071E3700819E -- C:\Windows\SoftwareDistribution\Download\e0e3274808cbc64c021ffcb005720a65\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17126_none_7b2e0ea1c2bb6f8c\iexplore.exe
[2012/08/24 06:49:07 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=5A150AFABB25BEA50CEDC8650A7B8A9E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_0dc3c95e999a1626\iexplore.exe
[2012/06/28 22:45:31 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=5D03518409F37D1483C98869D86E23FF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_0dc0c880999cca21\iexplore.exe
[2014/06/02 00:43:13 | 000,812,248 | ---- | M] (Microsoft Corporation) MD5=60F88F6CA6303E8273AF7AAA9AAFECAC -- C:\Windows\SoftwareDistribution\Download\e0e3274808cbc64c021ffcb005720a65\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17126_none_8582b8f3f71c3187\iexplore.exe
[2012/06/02 08:52:21 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=610F6596921C4BAA8834ADBB9BE272EE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_0d44fc7f80745a6b\iexplore.exe
[2012/08/24 03:49:25 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=62188720CE27B982B4285C03163C9FB3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_181873b0cdfad821\iexplore.exe
[2013/01/08 18:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_1781061bb4e80843\iexplore.exe
[2013/07/25 23:49:06 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_20dde844529e8f3e\iexplore.exe
[2013/02/02 04:09:12 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=7C2923004FFC497E54F38E835F108EE8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_0d9c579499b8b898\iexplore.exe
[2014/03/01 18:33:45 | 000,806,104 | ---- | M] (Microsoft Corporation) MD5=84BCBFB752B96543307E6602E669A95A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16521_none_7b033ef3c2db6204\iexplore.exe
[2010/11/20 23:24:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2013/07/26 01:47:06 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8D805B4EEEE0ECF6B604BE284978F135 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_ffb0112a37ee15f1\iexplore.exe
[2013/05/16 23:02:08 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8F00471CA24ADF8D2AFAACF856EB70A4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_ffaaf8f037f2b0df\iexplore.exe
[2011/10/05 17:03:01 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_17a944edb4ca4c7a\iexplore.exe
[2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_179aa71bb4d435bd\iexplore.exe
[2013/06/11 22:28:00 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=98C6F2A9A981A54222602B87C6310BDE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_1685cb2c1e410163\iexplore.exe
[2013/10/12 03:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_09f7eafc6c58c12f\iexplore.exe
[2013/04/04 21:55:57 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=A1B0DEC3BB845C6369F97BC1A3542A07 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16483_none_0d15bba7809864d3\iexplore.exe
[2013/02/02 00:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_17f101e6ce197a93\iexplore.exe
[2013/02/02 03:37:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=A8EBEBCD9F5C49475194099FCD276992 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_0d1d8ab58092fcdd\iexplore.exe
[2013/05/31 03:09:55 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_20e92fca5296266a\iexplore.exe
[2012/11/15 23:08:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=AC4957E154F750DF54F36ADC8E3E040D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_0db6f8de99a3ff69\iexplore.exe
[2013/02/22 03:17:45 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=B21A57AA4CB928059A0C0C58A9E77A02 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_0da2595099b350a2\iexplore.exe
[2012/06/02 04:51:58 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=BE967C74B89577B78FB57C061E12B04C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_18147288cdfe72c5\iexplore.exe
[2013/04/04 17:55:02 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=C036AB1ED8BAC04FE4A349BA263077BB -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20593_none_17e932d8ce1ee289\iexplore.exe
[2013/04/04 20:40:37 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=C4A4F4AD91677DA1659A9ADE63746B8B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20593_none_0d94888699be208e\iexplore.exe
[2010/11/20 23:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
[2014/02/06 18:55:10 | 000,806,104 | ---- | M] (Microsoft Corporation) MD5=C6E1178294BDEAB1CACF50427688DF05 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16518_none_7b019f31c2dcfc14\iexplore.exe
[2013/11/26 04:01:50 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_856219b9f734bb75\iexplore.exe
[2013/06/12 03:51:43 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=CA88A25280B1D85ED0BC26B042ABBCCF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_ffae994637ef497d\iexplore.exe
[2013/05/31 03:09:52 | 000,775,232 | ---- | M] (Microsoft Corporation) MD5=CEA304830B4770BDA3572B87D0841848 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_169485781e35646f\iexplore.exe
[2012/10/08 04:22:05 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=CECB15F834FC2B4B150449717ADE18DD -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_1808a252ce07755f\iexplore.exe
[2013/09/22 19:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_20cf006852aa5f74\iexplore.exe
[2013/10/12 03:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_20cf8eca52a9f8f0\iexplore.exe
[2013/09/22 20:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_09f78a2a6c58f471\iexplore.exe
[2013/02/02 00:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_17723507b4f3bed8\iexplore.exe
[2013/07/26 01:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_0a04bb7c6c4ed7ec\iexplore.exe
[2013/09/22 21:55:58 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=E9F843E7E412AE9A507FD5ABBBD06462 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_ffa2dfd837f83276\iexplore.exe
[2014/03/07 22:34:14 | 000,809,680 | ---- | M] (Microsoft Corporation) MD5=EA8386CA87165460D39A1D29FF11080B -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/03/07 22:34:14 | 000,809,680 | ---- | M] (Microsoft Corporation) MD5=EA8386CA87165460D39A1D29FF11080B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17041_none_7b3b5109c2b10624\iexplore.exe
[2012/06/28 19:35:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=EB4105348272018D096FEB655CD1608C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_181572d2cdfd8c1c\iexplore.exe
[2013/05/16 23:30:45 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=EDC77CF787FA015205936C9A3228486E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_1683e1601e42b514\iexplore.exe
[2013/01/08 20:51:57 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=EF1F6F41FB2C9BBB484B21017F380201 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_0daa285e99ade8ac\iexplore.exe
[2013/01/08 17:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_17fed2b0ce0eaaa7\iexplore.exe
[2011/10/05 17:03:01 | 000,754,480 | ---- | M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_0d549a9b80698a7f\iexplore.exe
[2012/10/08 07:09:10 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=F61714ABCF9BF0CEF0A6249AD4FD490B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_0db3f80099a6b364\iexplore.exe
[2012/11/13 22:19:28 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F691418EE9A6344AEB5C1B0518FBF8AE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_180ba330ce04c164\iexplore.exe
[2013/09/22 21:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=F6A7D9C0BC326F695526069C1DA1E8B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_167a56161e499d79\iexplore.exe
[2012/05/17 21:37:57 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=F8B2D47ED17C1D087D14EC747E5AC57A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_0dbdc7a2999f7e1c\iexplore.exe
[2012/11/14 03:11:18 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=FD0D2E1FAEBAE5031BE2EB8000D973F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_0d3a2c93807c765c\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.12632.DMP  >
[2014/04/03 17:11:10 | 002,225,165 | ---- | M] () MD5=FB1D859D06A4FB640CB675AEBEBAA467 -- C:\Users\Zeke\AppData\Local\CrashDumps\iexplore.exe.12632.dmp
 
< MD5 for: IEXPLORE.EXE.16044.DMP  >
[2014/03/15 14:54:02 | 008,294,571 | ---- | M] () MD5=771F411136A5E551B86B4CA877595409 -- C:\Users\Zeke\AppData\Local\CrashDumps\iexplore.exe.16044.dmp
 
< MD5 for: IEXPLORE.EXE.164.DMP  >
[2012/09/08 11:23:37 | 004,525,546 | ---- | M] () MD5=917136BD9D7BBE757A37B3C281F8B06F -- C:\Users\Jack\AppData\Local\CrashDumps\iexplore.exe.164.dmp
 
< MD5 for: IEXPLORE.EXE.29868.DMP  >
[2014/03/27 23:16:25 | 005,560,399 | ---- | M] () MD5=7D330C3AB23455B9225EC0B81F7B2572 -- C:\Users\Zeke\AppData\Local\CrashDumps\iexplore.exe.29868.dmp
 
< MD5 for: IEXPLORE.EXE.3440.DMP  >
[2014/04/03 17:11:59 | 002,196,340 | ---- | M] () MD5=2DB482EAC45697BB3F8412A13FEC072D -- C:\Users\Zeke\AppData\Local\CrashDumps\iexplore.exe.3440.dmp
 
< MD5 for: IEXPLORE.EXE.47972.DMP  >
[2014/03/27 21:29:36 | 004,918,763 | ---- | M] () MD5=3B456DBB8D7E55EABC0B6D9235CA69AD -- C:\Users\Zeke\AppData\Local\CrashDumps\iexplore.exe.47972.dmp
 
< MD5 for: IEXPLORE.EXE.8400.DMP  >
[2012/04/29 19:42:57 | 002,592,331 | -H-- | M] () MD5=D826B366F9FC207B2A402A5C6E11164A -- C:\Users\Mike&Matt\AppData\Local\CrashDumps\iexplore.exe.8400.dmp
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2013/11/26 04:01:50 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/11/26 04:01:48 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/11/26 04:01:48 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_74ba04defa813a61\iexplore.exe.mui
[2013/11/26 04:01:50 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_7f0eaf312ee1fc5c\iexplore.exe.mui
[2011/10/05 17:03:01 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_07013012b816cb66\iexplore.exe.mui
[2011/10/05 17:03:01 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_1155da64ec778d61\iexplore.exe.mui
[2013/05/31 03:09:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_103c8b6555e6a67e\iexplore.exe.mui
[2013/05/31 03:09:55 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_1a9135b78a476879\iexplore.exe.mui
[2009/07/13 22:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_0b433e7773148b79\iexplore.exe.mui
[2009/07/13 22:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_1597e8c9a7754d74\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-4B6C9213.PF  >
[2014/06/12 22:08:01 | 000,327,568 | ---- | M] () MD5=8029657AE4FFAA341966E8802A15BA1D -- C:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pf
 
< MD5 for: IEXPLORE.EXE-908C99F8.PF  >
[2014/06/12 22:08:00 | 000,116,122 | ---- | M] () MD5=5B2928D659ED8715B6A4114AD6B41BDD -- C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
 
< MD5 for: SERVICES  >
[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
 
< MD5 for: SERVICES.CFG  >
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
[2014/05/08 07:21:20 | 000,559,489 | ---- | M] () MD5=E829329E4886E9A3540C62114FC8E145 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.EXE  >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
 
< MD5 for: SERVICES.JS  >
[2014/06/03 13:03:06 | 000,001,083 | ---- | M] () MD5=18272708A717583EBB2AE9712FDA65CD -- C:\Program Files (x86)\Microsoft\BingDesktop\Apps\runtime\mocks\services.js
 
< MD5 for: SERVICES.LNK  >
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
 
< MD5 for: SERVICES.MOCHIADS.COM.SOL  >
[2012/08/26 06:05:29 | 000,000,544 | ---- | M] () MD5=9FC509D548C4B5F63E6ED6000CE0685F -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\T7CC4B2G\mochiads.com\services.mochiads.com.sol
 
< MD5 for: SERVICES.MOF  >
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
 
< MD5 for: SERVICES.MSC  >
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
 
< MD5 for: WINLOGON.ADML  >
[2010/11/21 03:06:30 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f0f9032ef6930070\WinLogon.adml
 
< MD5 for: WINLOGON.ADMX  >
[2009/06/10 17:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx
 
< MD5 for: WINLOGON.EXE  >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 07:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 05:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 05:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
 
< MD5 for: WINLOGON.EXE.MUI  >
[2010/11/21 03:06:14 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2010/11/21 03:06:14 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_291e96fa1ab5fc7b\winlogon.exe.mui
 
< MD5 for: WINLOGON.EXE-B020DC41.PF  >
[2014/06/12 22:09:56 | 000,043,244 | ---- | M] () MD5=C0F38CE2DBEFC19162DE67071473AB2F -- C:\Windows\Prefetch\WINLOGON.EXE-B020DC41.pf
 
< MD5 for: WINLOGON.MFL  >
[2010/11/21 03:06:15 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2010/11/21 03:06:15 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2009/07/13 16:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009/07/13 16:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2011/02/11 13:00:42 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/06/05 22:17:23 | 000,000,000 | ---- | M] () -- C:\END
[2014/06/12 22:15:10 | 463,351,807 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/05 16:52:19 | 000,000,000 | RHS- | M] () -- C:\OS
[2014/06/12 22:15:10 | 2049,458,175 | -HS- | M] () -- C:\pagefile.sys
 
< %systemroot%\Fonts\*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
[2013/02/05 22:56:16 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2014/06/12 21:19:18 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C is OS
 Volume Serial Number is C240-9F45
 Directory of C:\
07/14/2009  01:08 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
07/14/2009  01:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  01:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  01:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  01:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  01:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  01:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
07/14/2009  01:08 AM    <SYMLINKD>     All Users [C:\ProgramData]
07/14/2009  01:08 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
07/14/2009  01:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  01:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  01:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  01:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  01:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  01:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
07/14/2009  01:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009  01:08 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/14/2009  01:08 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/14/2009  01:08 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009  01:08 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009  01:08 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009  01:08 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009  01:08 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009  01:08 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
07/14/2009  01:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/14/2009  01:08 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009  01:08 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
07/14/2009  01:08 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/14/2009  01:08 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/14/2009  01:08 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Jack
12/19/2011  12:04 PM    <JUNCTION>     Application Data [C:\Users\Jack\AppData\Roaming]
12/19/2011  12:04 PM    <JUNCTION>     Cookies [C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Cookies]
12/19/2011  12:04 PM    <JUNCTION>     Local Settings [C:\Users\Jack\AppData\Local]
12/19/2011  12:04 PM    <JUNCTION>     My Documents [C:\Users\Jack\Documents]
12/19/2011  12:04 PM    <JUNCTION>     NetHood [C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/19/2011  12:04 PM    <JUNCTION>     PrintHood [C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/19/2011  12:04 PM    <JUNCTION>     Recent [C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Recent]
12/19/2011  12:04 PM    <JUNCTION>     SendTo [C:\Users\Jack\AppData\Roaming\Microsoft\Windows\SendTo]
12/19/2011  12:04 PM    <JUNCTION>     Start Menu [C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu]
12/19/2011  12:04 PM    <JUNCTION>     Templates [C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Jack\AppData\Local
12/19/2011  12:04 PM    <JUNCTION>     Application Data [C:\Users\Jack\AppData\Local]
12/19/2011  12:04 PM    <JUNCTION>     History [C:\Users\Jack\AppData\Local\Microsoft\Windows\History]
12/19/2011  12:04 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Jack\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Jack\Documents
12/19/2011  12:04 PM    <JUNCTION>     My Music [C:\Users\Jack\Music]
12/19/2011  12:04 PM    <JUNCTION>     My Pictures [C:\Users\Jack\Pictures]
12/19/2011  12:04 PM    <JUNCTION>     My Videos [C:\Users\Jack\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Mike&Matt
12/18/2011  02:25 AM    <JUNCTION>     Application Data [C:\Users\Mike&Matt\AppData\Roaming]
12/18/2011  02:25 AM    <JUNCTION>     Cookies [C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Cookies]
12/18/2011  02:25 AM    <JUNCTION>     Local Settings [C:\Users\Mike&Matt\AppData\Local]
12/18/2011  02:25 AM    <JUNCTION>     My Documents [C:\Users\Mike&Matt\Documents]
12/18/2011  02:25 AM    <JUNCTION>     NetHood [C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/18/2011  02:25 AM    <JUNCTION>     PrintHood [C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/18/2011  02:25 AM    <JUNCTION>     Recent [C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Recent]
12/18/2011  02:25 AM    <JUNCTION>     SendTo [C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\SendTo]
12/18/2011  02:25 AM    <JUNCTION>     Start Menu [C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Start Menu]
12/18/2011  02:25 AM    <JUNCTION>     Templates [C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Mike&Matt\AppData\Local
12/18/2011  02:25 AM    <JUNCTION>     Application Data [C:\Users\Mike&Matt\AppData\Local]
12/18/2011  02:25 AM    <JUNCTION>     History [C:\Users\Mike&Matt\AppData\Local\Microsoft\Windows\History]
12/18/2011  02:25 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Mike&Matt\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Mike&Matt\Documents
12/18/2011  02:25 AM    <JUNCTION>     My Music [C:\Users\Mike&Matt\Music]
12/18/2011  02:25 AM    <JUNCTION>     My Pictures [C:\Users\Mike&Matt\Pictures]
12/18/2011  02:25 AM    <JUNCTION>     My Videos [C:\Users\Mike&Matt\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
07/14/2009  01:08 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/14/2009  01:08 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/14/2009  01:08 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Temporary
09/22/2013  07:27 PM    <JUNCTION>     Application Data [C:\Users\Temporary\AppData\Roaming]
09/22/2013  07:27 PM    <JUNCTION>     Cookies [C:\Users\Temporary\AppData\Roaming\Microsoft\Windows\Cookies]
09/22/2013  07:27 PM    <JUNCTION>     Local Settings [C:\Users\Temporary\AppData\Local]
09/22/2013  07:27 PM    <JUNCTION>     My Documents [C:\Users\Temporary\Documents]
09/22/2013  07:27 PM    <JUNCTION>     NetHood [C:\Users\Temporary\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/22/2013  07:27 PM    <JUNCTION>     PrintHood [C:\Users\Temporary\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/22/2013  07:27 PM    <JUNCTION>     Recent [C:\Users\Temporary\AppData\Roaming\Microsoft\Windows\Recent]
09/22/2013  07:27 PM    <JUNCTION>     SendTo [C:\Users\Temporary\AppData\Roaming\Microsoft\Windows\SendTo]
09/22/2013  07:27 PM    <JUNCTION>     Start Menu [C:\Users\Temporary\AppData\Roaming\Microsoft\Windows\Start Menu]
09/22/2013  07:27 PM    <JUNCTION>     Templates [C:\Users\Temporary\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Temporary\AppData\Local
09/22/2013  07:27 PM    <JUNCTION>     Application Data [C:\Users\Temporary\AppData\Local]
09/22/2013  07:27 PM    <JUNCTION>     History [C:\Users\Temporary\AppData\Local\Microsoft\Windows\History]
09/22/2013  07:27 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Temporary\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Temporary\Documents
09/22/2013  07:27 PM    <JUNCTION>     My Music [C:\Users\Temporary\Music]
09/22/2013  07:27 PM    <JUNCTION>     My Pictures [C:\Users\Temporary\Pictures]
09/22/2013  07:27 PM    <JUNCTION>     My Videos [C:\Users\Temporary\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Zeke
12/05/2011  02:52 PM    <JUNCTION>     Application Data [C:\Users\Zeke\AppData\Roaming]
12/05/2011  02:52 PM    <JUNCTION>     Cookies [C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Cookies]
12/05/2011  02:52 PM    <JUNCTION>     Local Settings [C:\Users\Zeke\AppData\Local]
12/05/2011  02:52 PM    <JUNCTION>     My Documents [C:\Users\Zeke\Documents]
12/05/2011  02:52 PM    <JUNCTION>     NetHood [C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/05/2011  02:52 PM    <JUNCTION>     PrintHood [C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/05/2011  02:52 PM    <JUNCTION>     Recent [C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Recent]
12/05/2011  02:52 PM    <JUNCTION>     SendTo [C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\SendTo]
12/05/2011  02:52 PM    <JUNCTION>     Start Menu [C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu]
12/05/2011  02:52 PM    <JUNCTION>     Templates [C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Zeke\AppData\Local
12/05/2011  02:52 PM    <JUNCTION>     Application Data [C:\Users\Zeke\AppData\Local]
12/05/2011  02:52 PM    <JUNCTION>     History [C:\Users\Zeke\AppData\Local\Microsoft\Windows\History]
12/05/2011  02:52 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Zeke\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Zeke\Documents
12/05/2011  02:52 PM    <JUNCTION>     My Music [C:\Users\Zeke\Music]
12/05/2011  02:52 PM    <JUNCTION>     My Pictures [C:\Users\Zeke\Pictures]
12/05/2011  02:52 PM    <JUNCTION>     My Videos [C:\Users\Zeke\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              97 Dir(s)  866,063,564,800 bytes free
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012/09/05 22:21:19 | 000,000,221 | -HS- | M] () -- C:\Users\Jack\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
[2014/06/12 22:17:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL (1).exe
 
< %PROGRAMFILES%\Common Files\*.* >
[2013/03/29 16:43:17 | 014,823,424 | ---- | M] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:C46995DA
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34
 
< End of report >
 
Extras.txt

OTL Extras logfile created on: 6/12/2014 10:20:49 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jack\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.91 Gb Total Physical Memory | 3.18 Gb Available Physical Memory | 53.79% Memory free
11.82 Gb Paging File | 9.00 Gb Available in Paging File | 76.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.58 Gb Total Space | 802.67 Gb Free Space | 87.29% Space Free | Partition Type: NTFS
Drive D: | 11.83 Gb Total Space | 1.42 Gb Free Space | 11.98% Space Free | Partition Type: NTFS
Drive E: | 5.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: ZEKE-HP | User Name: Jack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2596BE6B-5156-493F-B6F4-0F603CB88766}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe | 
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3A738E45-9673-4F2A-B74D-C8E27A555C0B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6CB223C0-BAE2-44EE-83E0-3ED3F73317DB}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe | 
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CC2C3586-0701-4A63-A0FC-E03FFEBF8790}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{00A7C053-F94E-430A-ADC1-BB559D9AEC4F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0697A8C7-FEB2-408B-98BB-131D2CC18D1A}" = protocol=6 | dir=in | app=c:\users\zeke\appdata\local\temp\7zs5da1\hpdiagnosticcoreui.exe | 
"{0BD8FB28-6461-4DAB-9358-1F8DC18EAE69}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{53A709B2-4CAC-426B-AA9D-70C8629429FA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | 
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{77691413-4292-4E99-A79A-C98B93CE5CCE}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe | 
"{77DE7BF9-FFB6-4CFB-8005-5574B99909F7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | 
"{7E04BB1F-63C9-4852-AD5D-0086FA03F40D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | 
"{8550267F-A206-4B4E-A4B2-B4576A62DFBE}" = dir=in | app=c:\users\jack\appdata\local\microsoft\skydrive\skydrive.exe | 
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8A894EE6-725E-4B49-AE66-BA2448EC3C2A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{8B5662EB-DA87-4B37-8E2D-7CC3B5D5760D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{919E1C62-46C7-419A-A4E7-0F9F704A9CA0}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe | 
"{926DA517-B943-457D-96B0-4B262731D300}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{9CD102C2-DA02-459B-AD0C-12B65BDC68A1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | 
"{A082A89B-47CC-418A-A3FC-FFE58DFB34A0}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe | 
"{A2C75353-2B34-45BF-B3E6-8C846AFD6D94}" = protocol=17 | dir=in | app=c:\users\zeke\appdata\local\temp\7zs5dec\hpdiagnosticcoreui.exe | 
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B17CDD87-8DD4-492E-BBA6-A87C9A84D83C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | 
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | 
"{CC0BE5BA-0830-4DCB-A2F7-8B597F71BA55}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe | 
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D09D642A-D35B-42BC-A52A-9C2973CD35B2}" = protocol=6 | dir=in | app=c:\users\zeke\appdata\local\temp\7zs5dec\hpdiagnosticcoreui.exe | 
"{D1251DBD-A97D-45FD-A47F-BA08D9647DB5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | 
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DD90B125-7E68-47DE-BB80-858AD269B295}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | 
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EE2C6EAA-54C0-42ED-A599-BAE48166F384}" = protocol=17 | dir=in | app=c:\users\zeke\appdata\local\temp\7zs5da1\hpdiagnosticcoreui.exe | 
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F1F1CEB6-070C-4721-BC38-3942C4F8AFEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{F5D0FFC4-BE99-4F80-9CB2-AAC9DD5585E7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | 
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{1F32B89C-D797-4305-BDA1-30B7EDF26C94}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
"TCP Query User{475010BD-F82E-459F-87F1-7C80365205AC}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe | 
"TCP Query User{F0743519-7954-484B-A583-E9632A3987F9}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe | 
"UDP Query User{823B7DE6-C815-4DC6-84DF-AE686FBD4793}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe | 
"UDP Query User{893CD0F9-7BCB-4519-81A9-71D97AAA0EDE}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe | 
"UDP Query User{8C434FD7-A9A6-4B6A-BBA1-0B7233BD7970}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2D5E3D2B-919F-407C-8757-E64827518BB6}" = HP Officejet Pro 8600 Basic Device Software
"{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{988329F4-A1A1-4D51-803C-EF2725A97627}" = HP Photosmart All-In-One Driver Software 13.0 Rel. 2
"{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}" = AdAwareUpdater
"{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater" = Ad-Aware Antivirus
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B52530CA-2C06-447D-B54D-CD6DBF91C9EE}" = AVG 2014
"{BB6E5AA0-BBE9-4009-B94E-2801F2D67DD7}" = AdAwareInstaller
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CB21CD89-A4D3-4240-9AAA-55DCE7F3D076}" = AVG 2014
"{CC347FC6-C8D7-493A-B70E-1D89E22691A7}" = AntimalwareEngine
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}" = Microsoft Mouse and Keyboard Center
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F792E5B0-11C4-4C68-8A63-FB5F52749180}" = HP Officejet Pro 8600 Product Improvement Study
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
"AVG" = AVG 2014
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FE2935-FB56-4410-AB5F-D6E70C1771D2}" = Garmin WebUpdater
"{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}" = HP SimplePass PE 2011
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.4
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4956ACE3-F537-4418-BB45-FD52395275A7}" = Catalina Savings Printer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CA54C97-67B1-4507-9BE0-0ED39C24FA32}" = TurboTax 2012 wpaiper
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB)
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{685B0843-6C8D-4E42-B60D-2B86B45526E0}" = PS_AIO_02_Software_Min
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C528316-05A0-4594-A949-94B792EC396C}" = TurboTax 2011 wpaiper
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App for HP
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BCD1A5E-F903-48C9-9CB2-37E5A6FB2111}" = Blio
"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}" = Windows Live Writer
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX)
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}" = Bejeweled 2 Deluxe
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset
"{8CD86D42-C4DD-4E40-9211-164DFFBCA4DB}" = AVG PC TuneUp 2014 (en-US)
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink 802.11n Wireless LAN Card
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{912CED74-88D3-4C5B-ACB0-132318649765}" = PressReader
"{94F8D42D-BB31-4858-9705-7D756D8D9655}" = PS_AIO_02_Software
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6D5C94-386A-4DE7-B99F-523D3F167B9A}" = Windows Live Messenger
"{A6D659BE-795D-4726-AEE8-91EB25CF26F7}" = TurboTax 2012 wnjiper
"{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AAF91344-2808-4D6B-9242-FBE5AF79D60A}" = Windows Live Family Safety
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}" = HP Officejet Pro 8600 Help
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}" = YTD Toolbar v6.2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel® Identity Protection Technology 1.1.2.0
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D35B72B6-F0E4-462B-BDEB-E08032B3B681}" = HP Setup
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{DB3147AB-4024-4773-8EC0-A1FE5B44933D}" = HP LinkUp
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 University Life
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"BeFrugal.com Toolbar_is1" = BeFrugal.com Toolbar
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.7" = Coupon Printer for Windows
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FileStream pcPhotos" = FileStream pcPhotos
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"Kobo" = Kobo
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"PDF Complete" = PDF Complete Special Edition
"QUAD Registry Cleaner" = QUAD Registry Cleaner v.1.5.45
"Rhapsody" = Rhapsody
"ShopAtHome.com Helper" = ShopAtHome.com Helper
"Speedial" = Speedial
"SpywareBlaster_is1" = SpywareBlaster 5.0
"Steam App 550" = Left 4 Dead 2
"SyncBack_is1" = SyncBack
"TurboTax 2011" = TurboTax 2011
"TurboTax 2012" = TurboTax 2012
"VIP Access SDK" = VIP Access SDK (1.0.1.4) 
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-11f2f337-e62e-43e0-bc7c-eb0192c4569a" = Vacation Quest - The Hawaiian Islands
"WTA-12159596-7b79-41b2-80b2-d4f117eb3897" = Hoyle Solitaire & More
"WTA-230ebde5-e2aa-4d01-b228-bc100df002cd" = Agatha Christie - Peril at End House
"WTA-409df81a-8b37-4592-9784-ecff9b88d0ad" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-470e2bee-2de1-49cc-97df-79f5367b22be" = Plants vs. Zombies - Game of the Year
"WTA-4c1d531a-5ebd-41a2-8d17-e42d767c132d" = Blackhawk Striker 2
"WTA-5391b64e-4d80-4643-8724-de572ecd1f0e" = Blasterball 3
"WTA-5b706047-8f48-476f-bfae-f14ffeef3cb8" = Mystery of Mortlake Mansion
"WTA-5ea8a6b2-b777-4b53-a433-30fe79752a9c" = Poker Superstars III
"WTA-713fb09c-19fa-4cd7-b645-90d851d740c3" = Virtual Villagers 5 - New Believers
"WTA-7da56451-7769-420e-a5f5-14aa98d1b33c" = Namco All-Stars: PAC-MAN
"WTA-89ccc4aa-f517-44f7-87ff-ccec15258491" = Cradle of Rome 2
"WTA-8fee4af8-0144-4b07-bf4d-c08cfb44f16c" = Bounce Symphony
"WTA-99424bb3-51d0-492b-98f1-e344eaeefe0c" = Mah Jong Medley
"WTA-9a27c006-5649-482d-9ffe-86c03dca17c9" = Polar Bowler
"WTA-9cd40b20-d5e0-420f-977d-89775d4d92da" = Chronicles of Albian
"WTA-a980a788-e984-4453-89d2-bbf795d53208" = Zuma Deluxe
"WTA-b1c0758c-d2ec-46f7-a2b9-8bb644f6d033" = Bejeweled 3
"WTA-b9a9abf7-22bf-467d-a636-f5583f54e488" = Penguins!
"WTA-ba6a9eb4-c681-483e-9e04-2a83bbd5e5c7" = Governor of Poker 2 Premium Edition
"WTA-c32e14ba-c8a5-4352-9519-6c51191cef73" = Cake Mania
"WTA-d59690d6-1fc2-4115-a044-1b22aa9409af" = Polar Golfer
"WTA-dd205137-13b0-4eb7-9700-e596ab85d579" = Chuzzle Deluxe
"WTA-ebb05533-3225-4d24-8924-e66d46cc67fa" = Farm Frenzy
"WTA-ec112294-be97-4ad5-858e-4f52c0536312" = FATE
"WTA-fbb644a1-a698-470c-8c30-6c0e9d20b049" = Slingo Supreme
"Yahoo! Companion" = Yahoo! Toolbar
"ZinioReader4" = Zinio Reader 4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10/1/2013 10:38:12 PM | Computer Name = Zeke-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
 online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
 .  A component version required by the application conflicts with another component
 version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 10/4/2013 1:39:38 AM | Computer Name = Zeke-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
 online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
 .  A component version required by the application conflicts with another component
 version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 10/6/2013 6:42:24 PM | Computer Name = Zeke-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
 online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
 .  A component version required by the application conflicts with another component
 version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 10/6/2013 7:23:49 PM | Computer Name = Zeke-HP | Source = ESENT | ID = 489
Description = taskhost (9888) An attempt to open the file "C:\Users\Mike&Matt\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat"
 for read only access failed with system error 32 (0x00000020): "The process cannot
 access the file because it is being used by another process. ".  The open file 
operation will fail with error -1032 (0xfffffbf8).
 
Error - 10/7/2013 2:42:00 PM | Computer Name = Zeke-HP | Source = VSS | ID = 8193
Description = 
 
Error - 10/7/2013 9:28:22 PM | Computer Name = Zeke-HP | Source = Application Error | ID = 1000
Description = Faulting application name: TrueSuiteService.exe, version: 5.3.0.194,
 time stamp: 0x4df09290  Faulting module name: TrueSuiteService.exe, version: 5.3.0.194,
 time stamp: 0x4df09290  Exception code: 0xc0000417  Fault offset: 0x0001280a  Faulting
 process id: 0x2c8  Faulting application start time: 0x01cec3c5a346e2de  Faulting application
 path: C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe  Faulting module
 path: C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe  Report Id: 
eb3ed6f2-2fb8-11e3-bc30-386077829cb2
 
Error - 10/8/2013 3:16:05 PM | Computer Name = Zeke-HP | Source = ESENT | ID = 489
Description = taskhost (2892) An attempt to open the file "C:\Users\Mike&Matt\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat"
 for read only access failed with system error 32 (0x00000020): "The process cannot
 access the file because it is being used by another process. ".  The open file 
operation will fail with error -1032 (0xfffffbf8).
 
Error - 10/8/2013 5:22:12 PM | Computer Name = Zeke-HP | Source = ESENT | ID = 489
Description = taskhost (5932) An attempt to open the file "C:\Users\Mike&Matt\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat"
 for read only access failed with system error 32 (0x00000020): "The process cannot
 access the file because it is being used by another process. ".  The open file 
operation will fail with error -1032 (0xfffffbf8).
 
Error - 10/9/2013 1:09:49 AM | Computer Name = Zeke-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
 online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
 .  A component version required by the application conflicts with another component
 version already active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 10/9/2013 11:52:36 AM | Computer Name = Zeke-HP | Source = Application Hang | ID = 1002
Description = The program BingDesktop.exe version 1.3.171.0 stopped interacting 
with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 990    Start
 Time: 01cec3cec35ad65c    Termination Time: 15    Application Path: C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
 
Report
 Id: e80b2d96-30f9-11e3-bc30-386077829cb2  
 
[ Hewlett-Packard Events ]
Error - 11/27/2012 4:42:00 AM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization:   TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 11/27/2012 5:47:59 PM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization: 30  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 11/27/2012 5:47:59 PM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization: 30  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 12/4/2012 6:34:51 PM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization: 30  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 12/4/2012 6:34:52 PM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization: 30  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 12/11/2012 9:55:02 PM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization: 20  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 12/11/2012 9:55:03 PM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization: 20  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 12/18/2012 11:02:49 PM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization: 20  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 12/18/2012 11:02:50 PM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common
 
Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 6050  Ram Utilization: 20  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 12/19/2012 11:38:04 AM | Computer Name = Zeke-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 6050
Ram
 Utilization: 60  TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
 
 
[ Media Center Events ]
Error - 12/15/2013 4:27:19 AM | Computer Name = Zeke-HP | Source = MCUpdate | ID = 0
Description = 3:27:18 AM - Error connecting to the internet.  3:27:18 AM -     Unable
 to contact server..  
 
Error - 1/21/2014 11:50:36 AM | Computer Name = Zeke-HP | Source = MCUpdate | ID = 0
Description = 10:50:36 AM - Error connecting to the internet.  10:50:36 AM -     Unable
 to contact server..  
 
Error - 1/21/2014 11:51:06 AM | Computer Name = Zeke-HP | Source = MCUpdate | ID = 0
Description = 10:51:05 AM - Error connecting to the internet.  10:51:05 AM -     Unable
 to contact server..  
 
Error - 1/21/2014 12:51:44 PM | Computer Name = Zeke-HP | Source = MCUpdate | ID = 0
Description = 11:51:44 AM - Error connecting to the internet.  11:51:44 AM -     Unable
 to contact server..  
 
Error - 1/21/2014 12:52:14 PM | Computer Name = Zeke-HP | Source = MCUpdate | ID = 0
Description = 11:52:14 AM - Error connecting to the internet.  11:52:14 AM -     Unable
 to contact server..  
 
[ OSession Events ]
Error - 12/8/2012 11:31:46 AM | Computer Name = Zeke-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 44
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 12/8/2012 11:32:32 AM | Computer Name = Zeke-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 6/11/2014 8:04:07 PM | Computer Name = Zeke-HP | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 6/11/2014 8:09:51 PM | Computer Name = Zeke-HP | Source = NetBT | ID = 4321
Description = The name "WORKGROUP      :1d" could not be registered on the interface
 with IP address 192.168.0.183.  The computer with the IP address 192.168.0.199 did
 not allow the name to be claimed by  this computer.
 
Error - 6/12/2014 3:49:56 AM | Computer Name = Zeke-HP | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 6/12/2014 3:50:26 AM | Computer Name = Zeke-HP | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 6/12/2014 3:50:57 AM | Computer Name = Zeke-HP | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 6/12/2014 4:15:27 AM | Computer Name = Zeke-HP | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 6/12/2014 4:27:58 AM | Computer Name = Zeke-HP | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 6/12/2014 4:28:28 AM | Computer Name = Zeke-HP | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network.  The IP address
 of  the computer that sent the message is in the data. Use nbtstat -n in a  command
 window to see which name is in the Conflict state.
 
Error - 6/12/2014 10:15:32 PM | Computer Name = Zeke-HP | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater15.5.0 service failed to start due to the following
 error:   %%2
 
Error - 6/12/2014 10:16:56 PM | Computer Name = Zeke-HP | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >
 

 


Jaclyn

    Advertisements

Register to Remove


#2 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 13 June 2014 - 02:51 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Please post up the log files by avast and Malwarebytes.

We need to see what was removed.


Proud Member of UNITE & TB
 

#3 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 13 June 2014 - 07:09 AM

Below is the Malwarebytes log file contents to get started.  I'm still looking for other log files; I don't know where they are saved.
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/12/2014
Scan Time: 9:37:04 PM
Logfile: MBlog.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.12.13
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jack
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 444265
Time Elapsed: 34 min, 40 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 17
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [128b33445922f343ee0159e20cf616ea], 
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}\INPROCSERVER32, Quarantined, [128b33445922f343ee0159e20cf616ea], 
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [128b33445922f343ee0159e20cf616ea], 
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [128b33445922f343ee0159e20cf616ea], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3462C343-BE19-4143-AF70-CEFB56F46FC6}, Quarantined, [435ab5c22a514bebd55c06710ef49769], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3462C343-BE19-4143-AF70-CEFB56F46FC6}, Quarantined, [435ab5c22a514bebd55c06710ef49769], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3A421C8F-E238-4AEB-8874-B8B5F2CC4772}, Quarantined, [b5e88ee96f0c1f17fc365621de242ad6], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3A421C8F-E238-4AEB-8874-B8B5F2CC4772}, Quarantined, [b5e88ee96f0c1f17fc365621de242ad6], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{60E91567-EF8A-4520-BCE2-83ABA5256799}, Quarantined, [534a80f79ae1a195c86cdc9b26dce51b], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{60E91567-EF8A-4520-BCE2-83ABA5256799}, Quarantined, [534a80f79ae1a195c86cdc9b26dce51b], 
PUP.Optional.YTDToolbar, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F3FEE66E-E034-436A-86E4-9690573BEE8A}, Quarantined, [4756aacdb4c73600bd8a77c7f40e0cf4], 
PUP.Optional.YTDToolbar, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F3FEE66E-E034-436A-86E4-9690573BEE8A}, Quarantined, [4756aacdb4c73600bd8a77c7f40e0cf4], 
Adware.QUADRegClean, HKLM\SOFTWARE\WOW6432NODE\QUAD Registry Cleaner v2, Quarantined, [0697c3b43d3e1b1b1dfd2c25d231d52b], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\RadioRage_4j, Quarantined, [1d806611e09be3532dddcbdef1110ef2], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CouponAlert_2p, Quarantined, [aaf396e1adce0a2cdb1d277b36cc936d], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CouponXplorer_5z, Quarantined, [2578d89f403bb97dc356c8db5aa8a45c], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\RadioRage_4j, Quarantined, [148964133d3e280ec725831f6b9701ff], 
 
Registry Values: 4
PUP.Optional.YTDToolbar, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{F3FEE66E-E034-436A-86E4-9690573BEE8A}, Quarantined, [4756aacdb4c73600bd8a77c7f40e0cf4], 
PUP.Optional.YTDToolbar, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{F3FEE66E-E034-436a-86E4-9690573BEE8A}, Quarantined, [fca18deae29974c2371074cac63ce31d], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{7b9f8c21-46ec-4c0b-8683-e755ef84577a}, Quarantined, [603d90e7eb90ff3783b3d99e946e2cd4], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{7B9F8C21-46EC-4C0B-8683-E755EF84577A}, Quarantined, [603d90e7eb90ff3783b3d99e946e2cd4], 
 
Registry Data: 1
 
Folders: 98
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\chrome, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\chrome\content, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\chrome\skin, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\chrome, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\META-INF, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\plugins, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\chrome, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\META-INF, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\plugins, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\RadioRage_4j, Quarantined, [b4e9c1b6e299cc6a7cbac3ce45bd0ff1], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\plugins, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\CouponXplorer_5z, Quarantined, [b8e54e290279310500ac662b6e942ed2], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales\en-US, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales\en-US, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales\en-US, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.SearchProtect.A, C:\Users\Zeke\AppData\Local\SearchProtect, Quarantined, [27762d4a7407ee483124aeefee1402fe], 
PUP.Optional.SearchProtect.A, C:\Users\Zeke\AppData\Local\SearchProtect\Logs, Quarantined, [27762d4a7407ee483124aeefee1402fe], 
 
Files: 471
PUP.Optional.SearchSnacks.A, C:\Program Files\SearchSnacks\IE\SearchSnacksClientIE.dll, Quarantined, [128b33445922f343ee0159e20cf616ea], 
PUP.Optional.Speedial.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\searchplugins\Speedial.xml, Quarantined, [44599addb7c491a50fd80e99e41ec33d], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\searchplugins\Speedial.xml, Quarantined, [85180770304bff373fa83275cb3752ae], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\searchplugins\Speedial.xml, Quarantined, [0e8fd0a7a8d367cf85628f18ab57e61a], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\searchplugins\Speedial.xml, Quarantined, [d9c44e2994e76ec836b10b9cd230fb05], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, Quarantined, [a3fad2a53744aa8cf6107049a55d639d], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\chrome.manifest, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\install.rdf, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\chrome\content\overlay.js, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\chrome\content\overlay.xul, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\chrome\content\script0.js, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.TidyNetwork.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\TidyNetwork@TidyNetwork\chrome\skin\32x32.png, Quarantined, [0c91c9ae017ac37355efeda06f938d73], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\bootstrap.js, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\chrome.manifest, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\install.rdf, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\install_no_bootstrap.rdf, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\chrome\4jffxtbr.jar, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\META-INF\manifest.mf, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\META-INF\zigbert.rsa, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\META-INF\zigbert.sf, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\4jffxtbr@RadioRage_4j.com\plugins\NativeMessagingDispatcher.dll, Quarantined, [1588d4a3f28970c674bfd8b9f40e7a86], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\bootstrap.js, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\chrome.manifest, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\install.rdf, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\install_no_bootstrap.rdf, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\chrome\4jffxtbr.jar, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\META-INF\manifest.mf, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\META-INF\zigbert.rsa, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\META-INF\zigbert.sf, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\4jffxtbr@RadioRage_4j.com\plugins\FF-NativeMessagingDispatcher.dll, Quarantined, [e2bbef8862198ea81b18038ee22055ab], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\RadioRage_4j\86C69866-22D2-4C41-A3C4-DBEA2B285EBC.sqlite, Quarantined, [b4e9c1b6e299cc6a7cbac3ce45bd0ff1], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\bootstrap.js, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome.manifest, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\install.rdf, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome\5zffxtbr.jar, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\manifest.mf, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\zigbert.rsa, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\zigbert.sf, Quarantined, [0c914433fb80b0865852c1d01de540c0], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\bootstrap.js, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome.manifest, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\install.rdf, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome\5zffxtbr.jar, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\manifest.mf, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\zigbert.rsa, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\zigbert.sf, Quarantined, [584534437a0138fea505bfd2bc46837d], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\bootstrap.js, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome.manifest, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\install.rdf, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\install_old.rdf, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\chrome\5zffxtbr.jar, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\manifest.mf, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\zigbert.rsa, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\META-INF\zigbert.sf, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\5zffxtbr@CouponXplorer_5z.com\plugins\FF-NativeMessagingDispatcher.dll, Quarantined, [7b22e88f9dde80b60d9d840d4db59868], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\CouponXplorer_5z\STUB.sqlite, Quarantined, [b8e54e290279310500ac662b6e942ed2], 
PUP.Optional.MindSpark.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\CouponXplorer_5z\undefined.sqlite, Quarantined, [b8e54e290279310500ac662b6e942ed2], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\bootstrap.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\chrome.manifest, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\install.rdf, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\background.9.5.5.jsm, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\background.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\browser.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\header.9.5.5.jsm, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\header.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\timer.jsm, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_de.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_en-gb.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_en_us.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_fr.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_he.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_it.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_pt-br.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_ru.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_tr.json, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\crypto-js.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery-2.1.0.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.autocomplete.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.balloon.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.fittext.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.Jcrop.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.simplecolorpicker.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\mustache.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\string.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\underscore-min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\gallery.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\gallery.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\newtab.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\newtab.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\search.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\search.min.js, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\foundation.min.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\indicator.gif, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\Jcrop.gif, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.autocomplete.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.Jcrop.min.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.simplecolorpicker.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\normalize.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\arrow-gallery-cat-selected.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\arrow.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\emptyArea.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\gallery.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\gallery_templates.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\icon-gallery-search.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\not_available_32.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\plus.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\X.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\16.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\48.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\64.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\_16.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\buttons.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\footer.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\header.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\list.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\newtab.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\search.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\themes.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-2.gif, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-bar.gif, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-medium.gif, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-small.gif, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader.gif, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\arrow-footer.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\arrow-header.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\attachment.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\close.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\edit-button.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-chrome.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-edit.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-layout.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-plus.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-theme.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\menu_v.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\menu_v_white.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\provider.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\x-button.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\arab_tile.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\batthern_@2X.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\dark_wood_@2X.jpg, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\diagonal_striped_brick.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\escheresque_ste_@2X.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\gold_scale.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\purty_wood_@2X.jpg, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\readme.txt, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\starring_@2X.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\weave_@2X.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\woven.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources\list.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources\menu.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\activetabs.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\favorites.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\layout.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-add.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-edit.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-group.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\readitlater.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\recentlyclosed.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\theme.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\webapps.css, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\bookmarks.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\download.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\downloads.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\downloas.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\extensions.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\history.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\settings.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\trash.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\empty.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\error.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\shadow.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\contactus.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\facebook.ico, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\rateus.png, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\twitter.ico, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\activetabs.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\favorites.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\layout.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-add.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-edit.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-group.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater_content.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater_menu.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\recentlyclosed.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\theme.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\webapps.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\webapps_contextmenu.html, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales\en-US\translations.dtd, Quarantined, [5449b1c62754af87054bc1d401012fd1], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\bootstrap.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\chrome.manifest, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\install.rdf, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\background.9.5.5.jsm, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\background.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\browser.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\header.9.5.5.jsm, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\header.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\timer.jsm, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_de.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_en-gb.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_en_us.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_fr.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_he.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_it.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_pt-br.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_ru.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_tr.json, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\crypto-js.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery-2.1.0.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.autocomplete.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.balloon.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.fittext.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.Jcrop.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.simplecolorpicker.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\mustache.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\string.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\underscore-min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\gallery.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\gallery.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\newtab.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\newtab.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\search.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\search.min.js, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\foundation.min.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\indicator.gif, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\Jcrop.gif, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.autocomplete.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.Jcrop.min.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.simplecolorpicker.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\normalize.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\arrow-gallery-cat-selected.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\arrow.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\emptyArea.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\gallery.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\gallery_templates.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\icon-gallery-search.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\not_available_32.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\plus.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\X.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\16.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\48.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\64.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\_16.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\buttons.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\footer.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\header.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\list.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\newtab.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\search.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\themes.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-2.gif, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-bar.gif, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-medium.gif, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-small.gif, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader.gif, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\arrow-footer.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\arrow-header.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\attachment.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\close.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\edit-button.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-chrome.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-edit.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-layout.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-plus.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-theme.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\menu_v.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\menu_v_white.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\provider.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\x-button.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\arab_tile.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\batthern_@2X.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\dark_wood_@2X.jpg, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\diagonal_striped_brick.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\escheresque_ste_@2X.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\gold_scale.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\purty_wood_@2X.jpg, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\readme.txt, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\starring_@2X.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\weave_@2X.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\woven.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources\list.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources\menu.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\activetabs.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\favorites.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\layout.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-add.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-edit.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-group.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\readitlater.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\recentlyclosed.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\theme.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\webapps.css, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\bookmarks.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\download.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\downloads.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\downloas.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\extensions.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\history.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\settings.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\trash.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\empty.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\error.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\shadow.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\contactus.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\facebook.ico, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\rateus.png, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\twitter.ico, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\activetabs.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\favorites.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\layout.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-add.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-edit.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-group.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater_content.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater_menu.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\recentlyclosed.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\theme.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\webapps.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\webapps_contextmenu.html, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales\en-US\translations.dtd, Quarantined, [c5d83c3ba0db96a0ff51237210f2a759], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\bootstrap.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\chrome.manifest, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\install.rdf, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\background.9.5.5.jsm, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\background.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\browser.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\header.9.5.5.jsm, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\header.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\browser\timer.jsm, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_de.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_en-gb.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_en_us.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_fr.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_he.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_it.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_pt-br.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_ru.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\data\favorites_tr.json, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\crypto-js.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery-2.1.0.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.autocomplete.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.balloon.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.fittext.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.Jcrop.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\jquery.simplecolorpicker.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\mustache.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\string.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\external\underscore-min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\gallery.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\gallery.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\newtab.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\newtab.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\search.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\content\newtab\search.min.js, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\foundation.min.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\indicator.gif, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\Jcrop.gif, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.autocomplete.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.Jcrop.min.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\jquery.simplecolorpicker.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\external\normalize.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\arrow-gallery-cat-selected.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\arrow.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\emptyArea.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\gallery.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\gallery_templates.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\icon-gallery-search.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\not_available_32.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\plus.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\gallery\X.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\16.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\48.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\64.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\icons\_16.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\buttons.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\footer.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\header.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\list.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\newtab.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\search.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\css\themes.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-2.gif, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-bar.gif, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-medium.gif, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader-small.gif, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\ajax-loader.gif, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\arrow-footer.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\arrow-header.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\attachment.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\close.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\edit-button.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-chrome.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-edit.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-layout.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-plus.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\icon-theme.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\menu_v.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\menu_v_white.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\provider.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\x-button.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\arab_tile.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\batthern_@2X.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\dark_wood_@2X.jpg, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\diagonal_striped_brick.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\escheresque_ste_@2X.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\gold_scale.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\purty_wood_@2X.jpg, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\readme.txt, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\starring_@2X.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\weave_@2X.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\images\patterns\woven.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources\list.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\newtab\resources\menu.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\activetabs.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\favorites.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\layout.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-add.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-edit.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\modal-fav-group.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\readitlater.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\recentlyclosed.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\theme.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\css\webapps.css, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\bookmarks.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\download.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\downloads.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\downloas.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\extensions.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\history.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\settings.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\chrome\trash.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\empty.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\error.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\favorites\shadow.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\contactus.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\facebook.ico, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\rateus.png, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\images\info\twitter.ico, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\activetabs.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\favorites.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\layout.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-add.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-edit.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\modal-fav-group.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater_content.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\readitlater_menu.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\recentlyclosed.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\theme.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\webapps.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\skin\plugins\resources\webapps_contextmenu.html, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}\_locales\en-US\translations.dtd, Quarantined, [623bf582c3b879bdf7592f661fe3da26], 
PUP.Optional.Speedial.A, C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://speedial.com/...r=666191327&ir=",), Replaced,[118c482f85f62016ad2a079a1be9758b]
PUP.Optional.Speedial.A, C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "search_url": "http://speedial.com/...ults.php?f=4&q={searchTerms}&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir=",), Replaced,[039a9cdb90eba29487519e037193a55b]
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://speedial.com/...r=666191327&ir=" ],), Replaced,[debf93e40873c6701abcaef329db9967]
PUP.Optional.Speedial.A, C:\Users\Mike&Matt\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://speedial.com/...r=666191327&ir=",), Replaced,[2c7160178fecd3639a3d01a0010320e0]
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://speedial.com/...r=666191327&ir=" ],), Replaced,[990490e7fe7d42f4b71fa4fd4eb6a25e]
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://speedial.com/...r=666191327&ir=",), Replaced,[c7d61d5a3d3eff371abdf3ae887c50b0]
PUP.Optional.Speedial.A, C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://speedial.com/...r=666191327&ir=");), Replaced,[4a53e097dd9e91a5874cf1b0aa5a2ed2]
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://speedial.com/...r=666191327&ir=",   "http://mysearch.avg.com/?cid={2F4A798F-5A0A-43D4-834D-266923D37E4A}&mid=b85a164e1fa547d1a124e92931667541-5a029d077e7b5f7f571ff45f2e716cc8fda31fef&lang=en&ds=AVG&pr=fr&d=2013-01-20 12:12:26&v=14.0.0.14&pid=safeguard&sg=1&sap=hp",   "http://mysearch.avg.com/?cid={2F4A798F-5A0A-43D4-834D-266923D37E4A}&mid=b85a164e1fa547d1a124e92931667541-5a029d077e7b5f7f571ff45f2e716cc8fda31fef&lang=en&ds=AVG&pr=fr&d=2013-01-20 12:12:26&v=14.2.0.1&pid=safeguard&sg=1&sap=hp",   "http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=243BF17D03C13E7D8655CB5145FE65B2",   "http://mysearch.avg.com?cid={2F4A798F-5A0A-43D4-834D-266923D37E4A}&mid=b85a164e1fa547d1a124e92931667541-5a029d077e7b5f7f571ff45f2e716cc8fda31fef&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-08 19:58:58&v=17.2.0.38&pid=safeguard&sg=0&sap=hp"   ],), Replaced,[6a33db9c067564d2ede95f42ae5655ab]
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://speedial.com/...r=666191327&ir=",), Replaced,[95081f58cbb01d19cc0b2a7731d3e719]
PUP.Optional.Speedial.A, C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://speedial.com/...r=666191327&ir=");), Replaced,[3568ec8b4437e353f8db4c55aa5ac838]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Jaclyn

#4 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 13 June 2014 - 07:26 AM

I don't know where to find AVG logfiles.  But it had only removed 2 items, so I just attached screen shots of the details.

 

Picture1.png

 

Picture2.png


Jaclyn

#5 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 16 June 2014 - 08:21 AM

Marius,

I haven't heard from you in 3 days.  Are you still working on this problem or should I create a new post in the forum?


Jaclyn

#6 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 16 June 2014 - 02:08 PM

Hi there,

 

I wasn´t at the office at the weekend.

Thanks for uplaoding the files.

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.


Proud Member of UNITE & TB
 

#7 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 16 June 2014 - 06:18 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by Jack (administrator) on ZEKE-HP on 16-06-2014 20:14:31
Running from C:\Users\Jack\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-05] (PDF Complete Inc)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-13] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [BFHP] => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe [245072 2014-03-04] (Capital Intellect, Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2567192 2014-06-13] ()
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Policies\system: [LogonHoursAction] 2
HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\hp\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1104256 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-27] (Electronic Arts)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Run: [QUAD Windows service] => C:\Program Files (x86)\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe [12185600 2008-12-01] (Interactive Brands Inc.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\RunOnce: [Application Restart #0] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\RunOnce: [Application Restart #1] - C:\Windows\SysWOW64\ctfmon.exe ctfmon.exe
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\hp\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1104256 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-27] (Electronic Arts)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QUAD Windows service] => C:\Program Files (x86)\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe [12185600 2008-12-01] (Interactive Brands Inc.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Application Restart #0] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Application Restart #1] - C:\Windows\SysWOW64\ctfmon.exe ctfmon.exe
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3805376401-1662035509-791222529-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3805376401-1662035509-791222529-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3805376401-1662035509-791222529-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3805376401-1662035509-791222529-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3805376401-1662035509-791222529-1004\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-04-24] (Google Inc.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3805376401-1662035509-791222529-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-04-24] (Google Inc.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Temporary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\hp\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File)
GroupPolicyUsers\S-1-5-21-3805376401-1662035509-791222529-1004\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=666191327&ir=
SearchScopes: HKLM - {CBEE8B4A-B645-4BB3-985F-45A1625B4BE7} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - DefaultScope 127F532114A042D68770672FBA570C19 URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - 127F532114A042D68770672FBA570C19 URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {31090377-0740-419E-BEFC-A56E50500D5B} URL = 
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={A3457976-4626-4AC7-B2D2-3FD701A259AF}&mid=b85a164e1fa547d1a124e92931667541-5a029d077e7b5f7f571ff45f2e716cc8fda31fef&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-19 00:14:08&v=18.1.6.542&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: BeFrugalIEHelper - {2335A057-CBA6-40F6-A712-C6A7C98F7813} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - BeFrugal.com Toolbar - {5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.7.598\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://www.google.com
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\17\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Lavasoft Search Plugin - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-03-17]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-05-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-03]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-08-06]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.598
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.598 [2014-06-05]
 
Chrome: 
=======
CHR HomePage: hxxp://speedial.com/?f=1&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir=
CHR StartupUrls: "hxxp://speedial.com/?f=1&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir="
CHR NewTab: "chrome-extension://bakijjialdiiboeaknfpmflphhmljfkd/content/newtab/newtab.html"
CHR DefaultSearchKeyword: speedial.com
CHR DefaultSearchProvider: Speedial
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll No File
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin\NP5zStub.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Website Logon) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe [2013-03-29]
CHR Extension: (Google Wallet) - C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [2013-09-15]
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]
CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2011-06-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 BeFrugal.com Service; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [416592 2014-03-04] (Capital Intellect, Inc.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-06-07] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-03] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1808408 2014-06-05] (AVG Secure Search)
S2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-05] (AVG Technologies)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-17] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-10-05] ()
R1 ssnfd; C:\Windows\System32\drivers\ssnfd.sys [58248 2014-05-13] (Search Snacks)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-16 20:14 - 2014-06-16 20:14 - 00034018 _____ () C:\Users\Jack\Desktop\FRST.txt
2014-06-16 20:14 - 2014-06-16 20:14 - 00000000 ____D () C:\FRST
2014-06-16 20:13 - 2014-06-16 20:13 - 02081280 _____ (Farbar) C:\Users\Jack\Downloads\FRST64.exe
2014-06-16 20:13 - 2014-06-16 20:13 - 02081280 _____ (Farbar) C:\Users\Jack\Desktop\FRST64.exe
2014-06-13 09:15 - 2014-06-13 09:15 - 00000000 __SHD () C:\Users\Jack\AppData\Local\EmieUserList
2014-06-13 09:15 - 2014-06-13 09:15 - 00000000 __SHD () C:\Users\Jack\AppData\Local\EmieSiteList
2014-06-12 22:38 - 2014-06-12 22:38 - 00116872 _____ () C:\Users\Jack\Desktop\Extras.Txt
2014-06-12 22:37 - 2014-06-12 22:37 - 00207258 _____ () C:\Users\Jack\Desktop\OTL.Txt
2014-06-12 22:17 - 2014-06-12 22:17 - 00602112 _____ (OldTimer Tools) C:\Users\Jack\Desktop\OTL (1).exe
2014-06-12 22:04 - 2014-06-12 22:04 - 00000000 __SHD () C:\Users\Mike&Matt\AppData\Local\EmieUserList
2014-06-12 22:04 - 2014-06-12 22:04 - 00000000 __SHD () C:\Users\Mike&Matt\AppData\Local\EmieSiteList
2014-06-12 22:04 - 2014-06-12 22:04 - 00000000 ____D () C:\Users\Mike&Matt\AppData\Roaming\Google
2014-06-12 22:00 - 2014-06-12 22:00 - 00000000 ____D () C:\Users\Mike&Matt\AppData\Local\adawarebp
2014-06-12 21:36 - 2014-06-16 20:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-12 21:36 - 2014-06-12 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-12 21:36 - 2014-06-12 21:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-12 21:36 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-12 21:36 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-12 21:18 - 2014-06-12 21:18 - 00000000 ____D () C:\Users\Jack\AppData\Local\adawarebp
2014-06-12 03:25 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 03:25 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 03:25 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 03:25 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 03:25 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 03:25 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 03:25 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 03:25 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 03:25 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 03:25 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 03:25 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 03:25 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 03:25 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 03:25 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 03:25 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 03:25 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 03:25 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 03:25 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 03:25 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 03:25 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 03:25 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 03:25 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 03:25 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 03:25 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 03:25 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 03:25 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 03:25 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 03:25 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 03:25 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 03:25 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 03:25 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 03:25 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 03:25 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 03:25 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 03:25 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 03:25 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 03:25 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 03:25 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 03:25 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 03:25 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 03:25 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 03:25 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 03:25 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 03:25 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 03:25 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 03:25 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 03:25 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 03:25 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 03:25 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 03:25 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 03:25 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 03:25 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 03:25 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 03:25 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 03:25 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 03:25 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 03:25 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 03:25 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 03:25 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 03:25 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 03:25 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 03:25 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 03:25 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 03:25 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 03:25 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 03:25 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 03:25 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 03:25 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 20:24 - 2014-06-11 20:24 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-11 19:55 - 2014-06-11 19:55 - 00000000 ____D () C:\Users\Zeke\AppData\Local\adawarebp
2014-06-11 10:48 - 2014-06-11 10:49 - 00000000 ____D () C:\Users\Zeke\AppData\Local\Adobe
2014-06-11 10:48 - 2014-06-11 10:48 - 00002982 _____ () C:\Windows\System32\Tasks\{B5588283-98B9-4C86-BB71-06E37F85C229}
2014-06-08 19:14 - 2014-06-08 19:14 - 00002256 _____ () C:\Users\Public\Desktop\The Sims™ 3 University Life.lnk
2014-06-06 16:40 - 2014-06-06 16:44 - 00002114 _____ () C:\Windows\system32\ASOROSet.bin
2014-06-06 16:40 - 2014-06-06 16:40 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-06-06 16:20 - 2014-06-06 16:20 - 00000042 _____ () C:\Users\Zeke\AppData\Roaming\WB.CFG
2014-06-06 15:27 - 2014-06-06 15:27 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-06 15:27 - 2014-06-06 15:27 - 00000000 ____D () C:\ProgramData\AVG
2014-06-06 15:20 - 2014-06-16 20:12 - 00000288 _____ () C:\Windows\Tasks\Speedial.job
2014-06-06 15:20 - 2014-06-06 15:20 - 00003224 _____ () C:\Windows\System32\Tasks\Speedial
2014-06-06 15:18 - 2014-06-06 15:24 - 00002561 _____ () C:\Users\Zeke\Desktop\SOLDIERS.lnk
2014-06-06 15:18 - 2014-06-06 15:18 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Soldiers939
2014-06-06 15:18 - 2014-06-06 15:18 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldiers
2014-06-06 15:18 - 2014-06-06 15:18 - 00000000 ____D () C:\Users\Zeke\AppData\Local\Soldiers
2014-06-06 15:17 - 2014-06-06 15:17 - 00000000 ____D () C:\Program Files\Earth Networks
2014-06-06 15:16 - 2014-06-06 16:41 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Systweak
2014-06-06 12:08 - 2014-06-06 12:08 - 00566168 _____ (Installer Technology Co) C:\Users\Zeke\Downloads\SoftwareUpdater.exe
2014-06-06 12:08 - 2014-06-06 12:08 - 00566168 _____ (Installer Technology Co) C:\Users\Zeke\Downloads\SoftwareUpdater(2).exe
2014-06-06 12:08 - 2014-06-06 12:08 - 00566168 _____ (Installer Technology Co) C:\Users\Zeke\Downloads\SoftwareUpdater(1).exe
2014-06-05 17:00 - 2014-06-05 17:25 - 00000000 ____D () C:\Users\Zeke\Desktop\Camera Pics
2014-06-05 12:18 - 2014-06-05 12:19 - 00001089 _____ () C:\Users\Zeke\Desktop\MyPC Backup.lnk
2014-06-05 12:18 - 2014-06-05 12:18 - 00001971 _____ () C:\Users\Zeke\Desktop\Sync Folder.lnk
2014-06-05 12:18 - 2014-06-05 12:18 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-05 12:18 - 2014-06-05 12:18 - 00000000 ____D () C:\Program Files\SearchSnacks
2014-06-05 12:17 - 2014-06-05 12:17 - 00028672 _____ () C:\Windows\system32\bddel.exe
2014-06-05 12:17 - 2014-06-05 12:17 - 00028442 _____ () C:\Windows\system32\bddel.dat
2014-06-05 12:15 - 2014-06-11 10:04 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-06-05 12:15 - 2014-06-05 22:17 - 00000000 _____ () C:\END
2014-06-05 12:15 - 2014-06-05 12:15 - 00003984 _____ () C:\Windows\System32\Tasks\TidyNetwork Update
2014-06-05 12:15 - 2014-06-05 12:15 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts
2014-06-05 12:15 - 2014-06-05 12:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-05 11:03 - 2014-06-05 11:03 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-06-03 23:07 - 2014-06-03 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-03 23:05 - 2014-06-03 23:05 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-03 23:04 - 2014-06-03 23:04 - 01707144 _____ () C:\Users\Zeke\Downloads\Adaware_Installer.exe
2014-06-01 19:15 - 2014-06-01 19:15 - 00002184 _____ () C:\Users\Public\Desktop\The Sims™ 3 Seasons.lnk
2014-05-30 23:36 - 2014-05-30 23:36 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Lavasoft
2014-05-26 23:15 - 2014-05-26 23:15 - 00000000 ____D () C:\ProgramData\Avg_Update_0414c
2014-05-26 22:27 - 2014-05-26 22:27 - 01130024 _____ (BillP Studios) C:\Users\Jack\Downloads\wpsetup.exe
2014-05-26 22:27 - 2014-05-26 22:27 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\WinPatrol
2014-05-26 18:57 - 2014-05-26 18:57 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\Lavasoft
2014-05-26 18:48 - 2014-05-26 18:48 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\LavasoftStatistics
2014-05-26 18:10 - 2014-05-26 18:11 - 00000000 ____D () C:\Users\Jack\AppData\Local\MediaMonkey
2014-05-26 18:09 - 2014-06-13 03:26 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-26 18:08 - 2014-05-26 18:08 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-26 18:07 - 2014-05-26 18:07 - 01727624 _____ () C:\Users\Jack\Downloads\Adaware_Installer.exe
2014-05-26 18:07 - 2014-05-26 18:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-26 17:59 - 2014-06-16 20:12 - 00000000 ____D () C:\Users\Jack\AppData\Local\AVG SafeGuard toolbar
 
==================== One Month Modified Files and Folders =======
 
2014-06-16 20:14 - 2014-06-16 20:14 - 00034018 _____ () C:\Users\Jack\Desktop\FRST.txt
2014-06-16 20:14 - 2014-06-16 20:14 - 00000000 ____D () C:\FRST
2014-06-16 20:14 - 2011-12-19 12:04 - 00000000 ____D () C:\Users\Jack\AppData\Local\Temp
2014-06-16 20:13 - 2014-06-16 20:13 - 02081280 _____ (Farbar) C:\Users\Jack\Downloads\FRST64.exe
2014-06-16 20:13 - 2014-06-16 20:13 - 02081280 _____ (Farbar) C:\Users\Jack\Desktop\FRST64.exe
2014-06-16 20:13 - 2014-06-12 21:36 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 20:13 - 2012-09-25 11:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-16 20:13 - 2011-12-19 12:05 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EAF982F6-72D5-460F-AFF1-3532AC9AF186}
2014-06-16 20:13 - 2011-12-05 14:51 - 01882146 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 20:12 - 2014-06-06 15:20 - 00000288 _____ () C:\Windows\Tasks\Speedial.job
2014-06-16 20:12 - 2014-05-26 17:59 - 00000000 ____D () C:\Users\Jack\AppData\Local\AVG SafeGuard toolbar
2014-06-16 20:12 - 2012-09-25 11:35 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-16 20:12 - 2012-04-11 16:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-16 20:12 - 2011-10-05 17:31 - 00000000 ____D () C:\ProgramData\truesuite
2014-06-13 09:15 - 2014-06-13 09:15 - 00000000 __SHD () C:\Users\Jack\AppData\Local\EmieUserList
2014-06-13 09:15 - 2014-06-13 09:15 - 00000000 __SHD () C:\Users\Jack\AppData\Local\EmieSiteList
2014-06-13 09:06 - 2013-09-22 23:46 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-13 09:01 - 2014-04-03 00:17 - 00000430 _____ () C:\Windows\Tasks\BeFrugal.com Toolbar.job
2014-06-13 09:01 - 2014-02-05 12:05 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2014-06-13 09:01 - 2014-02-05 12:05 - 00000372 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2014-06-13 09:01 - 2013-03-17 13:34 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-06-13 03:33 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-13 03:33 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-13 03:26 - 2014-05-26 18:09 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-06-13 03:26 - 2011-10-05 17:26 - 00000000 ____D () C:\ProgramData\PDFC
2014-06-13 03:25 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-13 03:25 - 2009-07-14 00:51 - 00073306 _____ () C:\Windows\setupact.log
2014-06-13 03:22 - 2010-11-20 23:47 - 01624044 _____ () C:\Windows\PFRO.log
2014-06-13 03:20 - 2014-04-19 00:13 - 00003750 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-13 03:20 - 2013-12-08 20:58 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-06-13 03:20 - 2011-10-05 17:20 - 00000000 ____D () C:\ProgramData\Temp
2014-06-13 03:05 - 2013-07-18 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 03:03 - 2012-01-02 15:20 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 03:03 - 2011-12-18 13:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 03:01 - 2014-04-27 16:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 00:21 - 2012-09-07 21:30 - 00000000 ____D () C:\Users\Zeke\AppData\Local\temp
2014-06-12 22:38 - 2014-06-12 22:38 - 00116872 _____ () C:\Users\Jack\Desktop\Extras.Txt
2014-06-12 22:37 - 2014-06-12 22:37 - 00207258 _____ () C:\Users\Jack\Desktop\OTL.Txt
2014-06-12 22:17 - 2014-06-12 22:17 - 00602112 _____ (OldTimer Tools) C:\Users\Jack\Desktop\OTL (1).exe
2014-06-12 22:14 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Web
2014-06-12 22:11 - 2012-09-07 21:30 - 00000000 ____D () C:\Users\Mike&Matt\AppData\Local\temp
2014-06-12 22:11 - 2011-12-18 02:25 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{427B99CC-CAE8-4DE7-A5AA-0DE42AAC8A8B}
2014-06-12 22:10 - 2013-09-22 19:25 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-12 22:04 - 2014-06-12 22:04 - 00000000 __SHD () C:\Users\Mike&Matt\AppData\Local\EmieUserList
2014-06-12 22:04 - 2014-06-12 22:04 - 00000000 __SHD () C:\Users\Mike&Matt\AppData\Local\EmieSiteList
2014-06-12 22:04 - 2014-06-12 22:04 - 00000000 ____D () C:\Users\Mike&Matt\AppData\Roaming\Google
2014-06-12 22:04 - 2012-10-20 17:15 - 00000000 ____D () C:\Users\Mike&Matt\AppData\Local\Google
2014-06-12 22:00 - 2014-06-12 22:00 - 00000000 ____D () C:\Users\Mike&Matt\AppData\Local\adawarebp
2014-06-12 21:36 - 2014-06-12 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-12 21:36 - 2014-06-12 21:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-12 21:36 - 2013-09-22 23:30 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-12 21:36 - 2012-09-03 14:40 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\Malwarebytes
2014-06-12 21:36 - 2012-09-03 14:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-12 21:35 - 2012-09-29 16:15 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-06-12 21:18 - 2014-06-12 21:18 - 00000000 ____D () C:\Users\Jack\AppData\Local\adawarebp
2014-06-12 20:48 - 2011-12-05 17:11 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{10EE49B1-3951-408C-8F71-BC7706AFE668}
2014-06-12 14:03 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-11 20:24 - 2014-06-11 20:24 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-11 20:20 - 2011-12-05 17:11 - 00001415 _____ () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-11 20:19 - 2013-05-31 16:35 - 00000000 ____D () C:\ProgramData\Origin
2014-06-11 19:58 - 2012-11-28 17:37 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-11 19:55 - 2014-06-11 19:55 - 00000000 ____D () C:\Users\Zeke\AppData\Local\adawarebp
2014-06-11 10:49 - 2014-06-11 10:48 - 00000000 ____D () C:\Users\Zeke\AppData\Local\Adobe
2014-06-11 10:48 - 2014-06-11 10:48 - 00002982 _____ () C:\Windows\System32\Tasks\{B5588283-98B9-4C86-BB71-06E37F85C229}
2014-06-11 10:08 - 2014-02-18 18:59 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForZeke.job
2014-06-11 10:04 - 2014-06-05 12:15 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-06-11 10:04 - 2011-12-05 17:11 - 00000000 ___RD () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-10 16:19 - 2014-02-18 18:59 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForZeke
2014-06-10 16:19 - 2011-12-20 17:10 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-10 16:19 - 2011-12-09 23:16 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-09 11:46 - 2012-02-13 20:15 - 00002426 ____N () C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2014-06-09 11:46 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-08 19:14 - 2014-06-08 19:14 - 00002256 _____ () C:\Users\Public\Desktop\The Sims™ 3 University Life.lnk
2014-06-08 19:10 - 2013-03-30 17:52 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-06-08 19:10 - 2011-10-05 17:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-08 05:13 - 2014-06-12 03:25 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-12 03:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 22:07 - 2013-03-13 18:16 - 00001174 _____ () C:\Users\Mike&Matt\Desktop\ROBLOX Studio 2013.lnk
2014-06-07 22:07 - 2012-07-30 11:56 - 00001355 _____ () C:\Users\Mike&Matt\Desktop\ROBLOX Player.lnk
2014-06-07 22:07 - 2012-01-08 21:58 - 00000000 ___HD () C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-06-07 22:06 - 2011-10-05 17:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-06-06 18:20 - 2013-05-31 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-06 17:51 - 2011-12-17 16:05 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForZEKE-HP$
2014-06-06 17:51 - 2011-12-17 16:05 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForZEKE-HP$.job
2014-06-06 16:45 - 2011-12-19 12:04 - 00000000 ____D () C:\Users\Jack
2014-06-06 16:45 - 2011-12-18 02:25 - 00000000 ____D () C:\Users\Mike&Matt
2014-06-06 16:45 - 2011-12-05 14:52 - 00000000 ____D () C:\Users\Zeke
2014-06-06 16:45 - 2009-07-13 22:34 - 81788928 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-06-06 16:45 - 2009-07-13 22:34 - 14680064 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-06-06 16:45 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-06-06 16:44 - 2014-06-06 16:40 - 00002114 _____ () C:\Windows\system32\ASOROSet.bin
2014-06-06 16:42 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-06-06 16:41 - 2014-06-06 15:16 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Systweak
2014-06-06 16:40 - 2014-06-06 16:40 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-06-06 16:20 - 2014-06-06 16:20 - 00000042 _____ () C:\Users\Zeke\AppData\Roaming\WB.CFG
2014-06-06 15:27 - 2014-06-06 15:27 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-06 15:27 - 2014-06-06 15:27 - 00000000 ____D () C:\ProgramData\AVG
2014-06-06 15:24 - 2014-06-06 15:18 - 00002561 _____ () C:\Users\Zeke\Desktop\SOLDIERS.lnk
2014-06-06 15:20 - 2014-06-06 15:20 - 00003224 _____ () C:\Windows\System32\Tasks\Speedial
2014-06-06 15:18 - 2014-06-06 15:18 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Soldiers939
2014-06-06 15:18 - 2014-06-06 15:18 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldiers
2014-06-06 15:18 - 2014-06-06 15:18 - 00000000 ____D () C:\Users\Zeke\AppData\Local\Soldiers
2014-06-06 15:17 - 2014-06-06 15:17 - 00000000 ____D () C:\Program Files\Earth Networks
2014-06-06 12:08 - 2014-06-06 12:08 - 00566168 _____ (Installer Technology Co) C:\Users\Zeke\Downloads\SoftwareUpdater.exe
2014-06-06 12:08 - 2014-06-06 12:08 - 00566168 _____ (Installer Technology Co) C:\Users\Zeke\Downloads\SoftwareUpdater(2).exe
2014-06-06 12:08 - 2014-06-06 12:08 - 00566168 _____ (Installer Technology Co) C:\Users\Zeke\Downloads\SoftwareUpdater(1).exe
2014-06-05 22:17 - 2014-06-05 12:15 - 00000000 _____ () C:\END
2014-06-05 17:25 - 2014-06-05 17:00 - 00000000 ____D () C:\Users\Zeke\Desktop\Camera Pics
2014-06-05 12:19 - 2014-06-05 12:18 - 00001089 _____ () C:\Users\Zeke\Desktop\MyPC Backup.lnk
2014-06-05 12:18 - 2014-06-05 12:18 - 00001971 _____ () C:\Users\Zeke\Desktop\Sync Folder.lnk
2014-06-05 12:18 - 2014-06-05 12:18 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-05 12:18 - 2014-06-05 12:18 - 00000000 ____D () C:\Program Files\SearchSnacks
2014-06-05 12:18 - 2014-05-10 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-05 12:17 - 2014-06-05 12:17 - 00028672 _____ () C:\Windows\system32\bddel.exe
2014-06-05 12:17 - 2014-06-05 12:17 - 00028442 _____ () C:\Windows\system32\bddel.dat
2014-06-05 12:15 - 2014-06-05 12:15 - 00003984 _____ () C:\Windows\System32\Tasks\TidyNetwork Update
2014-06-05 12:15 - 2014-06-05 12:15 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts
2014-06-05 12:15 - 2014-06-05 12:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-05 12:14 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Resources
2014-06-05 11:07 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-05 11:03 - 2014-06-05 11:03 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-06-05 11:02 - 2014-04-19 00:14 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-06-04 23:22 - 2014-04-19 00:14 - 00000000 ____D () C:\Users\Zeke\AppData\Local\AVG SafeGuard toolbar
2014-06-03 23:07 - 2014-06-03 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-03 23:05 - 2014-06-03 23:05 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-03 23:04 - 2014-06-03 23:04 - 01707144 _____ () C:\Users\Zeke\Downloads\Adaware_Installer.exe
2014-06-01 19:15 - 2014-06-01 19:15 - 00002184 _____ () C:\Users\Public\Desktop\The Sims™ 3 Seasons.lnk
2014-05-30 23:36 - 2014-05-30 23:36 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Lavasoft
2014-05-30 06:21 - 2014-06-12 03:25 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 06:02 - 2014-06-12 03:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 06:02 - 2014-06-12 03:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 05:45 - 2014-06-12 03:25 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 05:39 - 2014-06-12 03:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 05:39 - 2014-06-12 03:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 05:38 - 2014-06-12 03:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 05:28 - 2014-06-12 03:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 05:27 - 2014-06-12 03:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 05:24 - 2014-06-12 03:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 05:21 - 2014-06-12 03:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 05:21 - 2014-06-12 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 05:20 - 2014-06-12 03:25 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 05:18 - 2014-06-12 03:25 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 05:11 - 2014-06-12 03:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 05:08 - 2014-06-12 03:25 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 05:06 - 2014-06-12 03:25 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 05:02 - 2014-06-12 03:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 04:55 - 2014-06-12 03:25 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 04:49 - 2014-06-12 03:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 04:46 - 2014-06-12 03:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 04:44 - 2014-06-12 03:25 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 04:44 - 2014-06-12 03:25 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 04:43 - 2014-06-12 03:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 04:42 - 2014-06-12 03:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 04:38 - 2014-06-12 03:25 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 04:35 - 2014-06-12 03:25 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 04:34 - 2014-06-12 03:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 04:33 - 2014-06-12 03:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 04:30 - 2014-06-12 03:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 04:29 - 2014-06-12 03:25 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 04:28 - 2014-06-12 03:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 04:27 - 2014-06-12 03:25 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 04:24 - 2014-06-12 03:25 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 04:23 - 2014-06-12 03:25 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 04:16 - 2014-06-12 03:25 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 04:10 - 2014-06-12 03:25 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 04:06 - 2014-06-12 03:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 04:04 - 2014-06-12 03:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 04:02 - 2014-06-12 03:25 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 03:56 - 2014-06-12 03:25 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 03:56 - 2014-06-12 03:25 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 03:54 - 2014-06-12 03:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 03:50 - 2014-06-12 03:25 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 03:49 - 2014-06-12 03:25 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 03:43 - 2014-06-12 03:25 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 03:40 - 2014-06-12 03:25 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 03:30 - 2014-06-12 03:25 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 03:21 - 2014-06-12 03:25 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 03:15 - 2014-06-12 03:25 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 03:13 - 2014-06-12 03:25 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 03:13 - 2014-06-12 03:25 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-26 23:15 - 2014-05-26 23:15 - 00000000 ____D () C:\ProgramData\Avg_Update_0414c
2014-05-26 22:27 - 2014-05-26 22:27 - 01130024 _____ (BillP Studios) C:\Users\Jack\Downloads\wpsetup.exe
2014-05-26 22:27 - 2014-05-26 22:27 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\WinPatrol
2014-05-26 19:09 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 19:07 - 2011-12-18 12:54 - 00000000 ____D () C:\Users\Zeke\AppData\Local\MediaMonkey
2014-05-26 19:07 - 2011-12-18 12:54 - 00000000 ____D () C:\Program Files (x86)\MediaMonkey
2014-05-26 18:57 - 2014-05-26 18:57 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\Lavasoft
2014-05-26 18:48 - 2014-05-26 18:48 - 00000000 ____D () C:\Users\Jack\AppData\Roaming\LavasoftStatistics
2014-05-26 18:11 - 2014-05-26 18:10 - 00000000 ____D () C:\Users\Jack\AppData\Local\MediaMonkey
2014-05-26 18:08 - 2014-05-26 18:08 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-26 18:07 - 2014-05-26 18:07 - 01727624 _____ () C:\Users\Jack\Downloads\Adaware_Installer.exe
2014-05-26 18:07 - 2014-05-26 18:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-26 17:59 - 2011-12-19 12:05 - 00000000 ___RD () C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 17:59 - 2011-12-19 12:05 - 00000000 ___RD () C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 17:59 - 2011-12-19 12:04 - 00000632 __RSH () C:\Users\Jack\ntuser.pol
2014-05-19 20:10 - 2012-09-26 16:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-19 08:32 - 2014-03-31 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-19 08:32 - 2013-09-22 23:50 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-18 19:10 - 2011-12-18 02:25 - 00001240 __RSH () C:\Users\Mike&Matt\ntuser.pol
2014-05-18 19:10 - 2011-12-18 02:25 - 00000000 ___RD () C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-18 19:10 - 2011-12-18 02:25 - 00000000 ___RD () C:\Users\Mike&Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
 
Files to move or delete:
====================
C:\Users\Zeke\AppData\Roaming\skype.ini
 
 
Some content of TEMP:
====================
C:\Users\Mike&Matt\AppData\Local\Temp\EAD756D.exe
C:\Users\Mike&Matt\AppData\Local\Temp\lpuninstall.exe
C:\Users\Mike&Matt\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Zeke\AppData\Local\Temp\Couponscom.exe
C:\Users\Zeke\AppData\Local\Temp\DefaultPack.exe
C:\Users\Zeke\AppData\Local\Temp\oi_{C6644D94-CE07-4BC9-B35E-70674F71BDA3}.exe
C:\Users\Zeke\AppData\Local\Temp\sp64126.exe
C:\Users\Zeke\AppData\Local\Temp\sqlite3.exe
C:\Users\Zeke\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Zeke\AppData\Local\Temp\WiseUpdX.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-09 12:56
 
==================== End Of Log ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by Jack at 2014-06-16 20:15:10
Running from C:\Users\Jack\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
AdAwareInstaller (Version: 11.2.5952.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3964 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
AVG PC Tuneup (HKLM-x32\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.27 - AVG)
AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.423 - AVG) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.7.598 - AVG Technologies)
BeFrugal.com Toolbar (HKLM-x32\...\BeFrugal.com Toolbar_is1) (Version: 2013.3.10.2 - BeFrugal.com)
Bejeweled 2 Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}) (Version:  - Oberon Media)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blio (HKLM-x32\...\{7BCD1A5E-F903-48C9-9CB2-37E5A6FB2111}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalina Savings Printer (HKLM-x32\...\{4956ACE3-F537-4418-BB45-FD52395275A7}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 11.2.0.31560 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileStream pcPhotos (HKLM-x32\...\FileStream pcPhotos) (Version: 3.0 - FileStream, Inc.)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Solitaire & More (x32 Version: 3.0.2.48 - WildTangent) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 1.0.057 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{F792E5B0-11C4-4C68-8A63-FB5F52749180}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
J2SE Runtime Environment 5.0 Update 11 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150110}) (Version: 1.5.0.110 - Sun Microsystems, Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 2.1.121.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
PS_AIO_02_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
QUAD Registry Cleaner v.1.5.45 (HKLM-x32\...\QUAD Registry Cleaner) (Version: v.1.5.45 - Interactive Brands Inc.)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Rhapsody (HKLM-x32\...\Rhapsody) (Version:  - )
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
ShopAtHome.com Helper (HKLM-x32\...\ShopAtHome.com Helper) (Version: 7.0.4.17 - ShopAtHome.com)
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speedial (HKLM-x32\...\Speedial) (Version:  - Speedial) <==== ATTENTION
Spotify (HKCU\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SyncBack (HKLM-x32\...\SyncBack_is1) (Version:  - 2BrightSparks)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.3351 - Intuit Inc.) Hidden
TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0496 - Intuit Inc.) Hidden
TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0222 - Intuit Inc.) Hidden
TurboTax 2011 wpaiper (x32 Version: 011.000.1684 - Intuit Inc.) Hidden
TurboTax 2011 wrapper (x32 Version: 011.000.0121 - Intuit Inc.) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wnjiper (x32 Version: 012.000.1557 - Intuit Inc.) Hidden
TurboTax 2012 wpaiper (x32 Version: 012.000.1493 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
VIP Access SDK (1.0.1.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
YTD Toolbar v6.2 (HKLM-x32\...\{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}) (Version: 6.2 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 3.9.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version:  - GreenTree Applications SRL)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
06-06-2014 19:23:18 RegClean Pro Fri, Jun 06, 14  15:23
06-06-2014 19:27:32 Installed AVG PC TuneUp 2014
06-06-2014 19:28:11 Removed AVG PC TuneUp 2014 (en-US)
08-06-2014 23:09:56 Installed TheSims3EP9
13-06-2014 02:22:21 OTL Restore Point - 6/12/2014 10:22:18 PM
13-06-2014 07:00:32 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2012-09-07 21:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {03421B59-FCA3-4414-B1CA-B24875F275D8} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {06CD4D25-CF59-4F10-B10A-B6A317FEA0E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {0CF7F5E4-EA12-47FD-B06A-1EFA3CC95F30} - System32\Tasks\HPCeeScheduleForZEKE-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {128BFEC3-D3E4-4EEE-8B2E-144B2542508A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {1A7C04F6-5755-4C1E-9174-7D0C8E0CC9B6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {1F0556D1-0CAE-4381-B832-030DDD231411} - System32\Tasks\TidyNetwork Update => C:\Users\Zeke\AppData\Local\TidyNetwork\petnupdate.exe
Task: {2231599C-ACB1-48E0-A3BC-1AB2910363A6} - System32\Tasks\{B5588283-98B9-4C86-BB71-06E37F85C229} => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {24A6A6EC-0DB7-4119-BF0B-40B442B03469} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {3074296F-249D-433B-9C55-66E24D9CBE06} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {31911401-6379-453D-A063-9014BF3400BA} - System32\Tasks\hpUrlLauncher.exe_{C345802E-2BE4-4628-BD99-670168E8FFCB} => C:\Program Files\hp\HP Officejet Pro 8600\Bin\utils\hpUrlLauncher.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {4FA0E259-1E5F-4A64-A81A-48EA78D716A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {50215363-0051-4C5B-A3F6-2B5D64CA8C18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-25] (Google Inc.)
Task: {508FF3AF-A714-49E2-B3A5-36B39EBB349D} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-07-20] (CyberLink)
Task: {531291A2-F025-423F-91B4-40DBC9A062FD} - System32\Tasks\HPCeeScheduleForZeke => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {5FA35098-9E98-4739-9A29-8A26A5F738C4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {672A231A-B789-4B03-92E8-6FEFEDCB7D87} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {705F79F2-FEB0-4201-B6FB-0F4490C2A8F7} - System32\Tasks\QUAD => C:\Program Files (x86)\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe [2008-12-01] (Interactive Brands Inc.)
Task: {7CFC2A64-6CA0-49AB-9056-30B80F0573DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {81975FFA-58D6-4628-9B20-56B594387E51} - System32\Tasks\AVG-Secure-Search-Update_0214b_rmv => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe [2014-02-05] ()
Task: {83C1FB0F-A72A-46CF-BBF4-6C93E06A5D13} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {84D7783E-A256-4E17-8F44-12159A090F2B} - System32\Tasks\AVG\PC Tuneup\Integrator\Start On Zeke Logon => C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe [2011-11-03] (AVG)
Task: {8C2BDB89-59A5-4230-AB80-7E0AF94FF4B0} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {9C0325CA-1B0B-4E8C-A53F-DB9877CAD94C} - System32\Tasks\AVG-Secure-Search-Update_0214b_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe [2014-02-05] ()
Task: {9ECF9F5D-08DB-4A3C-B5E3-41FFB2731DA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A6830202-DC2D-4958-A563-CFB5D601AFE7} - System32\Tasks\hpUrlLauncher.exe_{2D98EDFE-9114-473A-8E3D-A5C0FF0C6541} => C:\Program Files\hp\HP Officejet Pro 8600\Bin\utils\hpUrlLauncher.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {AC1CA336-E5EC-40FF-B3D7-16A293848229} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {B894D4F4-4625-41A6-ABE6-75089C54EB1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-25] (Google Inc.)
Task: {E12ACD19-9654-4362-8D4B-79D342D5B2CF} - System32\Tasks\BeFrugal.com Toolbar => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe [2014-03-04] (Capital Intellect, Inc.)
Task: {E7206F32-7E8C-4634-9D08-65FC93D70069} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {F4686DBE-2E65-4563-AC42-093FBC6CD321} - System32\Tasks\Speedial => C:\Users\Zeke\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\Windows\Tasks\BeFrugal.com Toolbar.job => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForZEKE-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForZeke.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\Speedial.job => C:\Users\Zeke\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2014-06-03 15:47 - 2014-06-03 15:47 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
2014-06-03 16:19 - 2014-06-03 16:19 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_thread-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_system-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_chrono-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_date_time-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_filesystem-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 10070888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareServiceKernel.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SQLite.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 03393352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\RCF.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_regex-vc100-mt-1_55.dll
2014-06-03 16:17 - 2014-06-03 16:17 - 00604520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareActivation.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\pugixml.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00360312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareApplicationUpdater.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\libssh2.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\zlib.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareGamingMode.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareReset.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTime.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00290168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIgnoreList.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00245608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareQuarantine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00336752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiMalwareEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiRootkitEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerHistory.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00610144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScanner.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_timer-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00326000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00453496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareRealTimeProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIncompatibles.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00218976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiSpam.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00171368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiPhishing.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00786800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareParentalControl.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 01936744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareWebProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00422256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareEmailProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareNetworkProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwarePromo.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00298336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareFeedback.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00371576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareThreatWorkAlliance.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SecurityCenter.dll
2014-06-05 11:03 - 2014-06-05 11:02 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 02082160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareShellExtension.dll
2011-10-05 17:09 - 2011-01-27 13:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 07715160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_locale-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00364896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\HtmlFramework.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\DllStorage.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00803696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTrayDefaultSkin.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\Localization.dll
2014-04-19 00:13 - 2014-06-13 03:19 - 02567192 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-06-05 11:03 - 2014-06-05 11:02 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
2014-04-19 00:13 - 2014-06-05 11:02 - 01640472 ____N () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2014-06-11 19:58 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-11 19:58 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-11 19:58 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-11 19:58 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-11 19:58 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-12 21:19 - 2014-06-03 13:13 - 00131800 _____ () C:\Users\Jack\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.3.470\wallpaper.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Windows\SysWOW64\CN25NBR1SK05KD:NW
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:C46995DA
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/13/2014 03:00:32 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-3805376401-1662035509-791222529-1004.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {97339a8d-9213-43c9-829a-3dce90873d39}
 
Error: (06/13/2014 00:43:18 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/12/2014 10:22:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-3805376401-1662035509-791222529-1004.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {ff18693f-7e4d-4e6c-8e0a-980e05a261af}
 
Error: (06/12/2014 02:00:32 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={49FBFA41-4890-4796-94C3-E6DDD1AD9CF6}: The user Zeke-HP\Zeke dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
 
Error: (06/12/2014 02:00:15 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={11370F86-90E5-4F2D-BCDE-C83ED45D37E9}: The user Zeke-HP\Zeke dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
 
Error: (06/12/2014 00:52:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/11/2014 08:04:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 6f8
 
Start Time: 01cf85d091380170
 
Termination Time: 0
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 137fe17d-f1c5-11e3-9ee5-386077829cb2
 
Error: (06/10/2014 11:29:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/10/2014 02:57:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/09/2014 00:58:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (06/13/2014 09:01:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
 
Error: (06/13/2014 09:01:27 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.
 
Error: (06/13/2014 03:27:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (06/13/2014 03:26:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater15.5.0 service failed to start due to the following error: 
%%2
 
Error: (06/13/2014 03:23:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater15.5.0 service failed to start due to the following error: 
%%2
 
Error: (06/12/2014 10:16:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (06/12/2014 10:15:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater15.5.0 service failed to start due to the following error: 
%%2
 
Error: (06/12/2014 04:28:28 AM) (Source: NetBT) (EventID: 4319) (User: )
Description: A duplicate name has been detected on the TCP network.  The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.
 
Error: (06/12/2014 04:27:58 AM) (Source: NetBT) (EventID: 4319) (User: )
Description: A duplicate name has been detected on the TCP network.  The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.
 
Error: (06/12/2014 04:15:27 AM) (Source: NetBT) (EventID: 4319) (User: )
Description: A duplicate name has been detected on the TCP network.  The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.
 
 
Microsoft Office Sessions:
=========================
Error: (12/08/2012 11:32:32 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (12/08/2012 11:31:46 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 44 seconds with 0 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-09-07 21:23:54.302
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-09-07 21:23:54.286
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-09-07 21:23:54.271
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-09-07 21:23:54.271
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-09-04 21:50:37.433
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-09-04 21:50:37.417
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 35%
Total physical RAM: 6050.52 MB
Available physical RAM: 3881.45 MB
Total Pagefile: 12099.21 MB
Available Pagefile: 8950.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:919.58 GB) (Free:805.37 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.83 GB) (Free:1.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Sims3EP09) (CDROM) (Total:5.21 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F1B3B3B2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Jaclyn

#8 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 17 June 2014 - 01:23 AM

Multiple Antivirus Programs installed!

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time.

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove either AdAware Antivirus or AVG.

 

 

 

 

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs
 

BeFrugal.com Toolbar
Catalina Savings Printer
Coupon Printer for Windows
McAfee Security Scan Plus
Speedial
YTD Toolbar v6.2
QUAD Registry Cleaner v.1.5.45
 


Close the window.

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-x.x.x.xxx.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Attached Files


Proud Member of UNITE & TB
 

#9 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 17 June 2014 - 06:37 AM

Uninstalled AdAware

Uninstalled BeFrugal Toolbar, however it still appears in the programs list.  Second uninstall, error message about it already being uninstalled, remove from program list? yes

Catalina Savings Printer does not appear in the list

Uninstalled Coupon Printer for Windows

Uninstalled MacAffee Security Scan Plus

Speedial was previously uninstalled but still appeared on the list.  Second uninstall, error message about it already being uninstalled, remove from program list? yes

YTD Toolbar was previously uninstalled but still appeared on the list.  Second uninstall, error message about not being able to uninstall it.  Still on the program list.

Uninstalled Quad Registry Cleaner

 

What is the information I need to know about coupon printers?  Why are they bad?  I know that at least one of those was purposely installed by a user of this computer.

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-06-2014
Ran by Jack at 2014-06-17 07:58:47 Run:1
Running from C:\Users\Jack\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKLM-x32\...\Run: [BFHP] => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe [245072 2014-03-04] (Capital Intellect, Inc.)
GroupPolicyUsers\S-1-5-21-3805376401-1662035509-791222529-1004\User: Group Policy restriction detected <======= ATTENTION
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Run: [QUAD Windows service] => C:\Program Files (x86)\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe [12185600 2008-12-01] (Interactive Brands Inc.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QUAD Windows service] => C:\Program Files (x86)\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe [12185600 2008-12-01] (Interactive Brands Inc.)
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
Startup: C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File)
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://speedial.com/...r=666191327&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {31090377-0740-419E-BEFC-A56E50500D5B} URL = 
BHO-x32: BeFrugalIEHelper - {2335A057-CBA6-40F6-A712-C6A7C98F7813} - C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFTB.dll (Capital Intellect, Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
CHR HomePage: hxxp://speedial.com/?f=1&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir=
CHR StartupUrls: "hxxp://speedial.com/?f=1&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir="
CHR NewTab: "chrome-extension://bakijjialdiiboeaknfpmflphhmljfkd/content/newtab/newtab.html"
CHR DefaultSearchKeyword: speedial.com
CHR DefaultSearchProvider: Speedial
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [2013-09-15]
 
Task: {1F0556D1-0CAE-4381-B832-030DDD231411} - System32\Tasks\TidyNetwork Update => C:\Users\Zeke\AppData\Local\TidyNetwork\petnupdate.exe
Task: {E12ACD19-9654-4362-8D4B-79D342D5B2CF} - System32\Tasks\BeFrugal.com Toolbar => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe [2014-03-04] (Capital Intellect, Inc.)
Task: {F4686DBE-2E65-4563-AC42-093FBC6CD321} - System32\Tasks\Speedial => C:\Users\Zeke\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\BeFrugal.com Toolbar.job => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
Task: C:\Windows\Tasks\Speedial.job => C:\Users\Zeke\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
R2 BeFrugal.com Service; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [416592 2014-03-04] (Capital Intellect, Inc.)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.)
R1 ssnfd; C:\Windows\System32\drivers\ssnfd.sys [58248 2014-05-13] (Search Snacks)
 
AlternateDataStreams: C:\Windows\SysWOW64\CN25NBR1SK05KD:NW
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:C46995DA
 
2014-06-05 12:15 - 2014-06-11 10:04 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-06-05 12:15 - 2014-06-05 22:17 - 00000000 _____ () C:\END
2014-06-05 12:15 - 2014-06-05 12:15 - 00003984 _____ () C:\Windows\System32\Tasks\TidyNetwork Update
2014-06-05 12:15 - 2014-06-05 12:15 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts
2014-06-05 12:15 - 2014-06-05 12:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-05 12:18 - 2014-06-05 12:19 - 00001089 _____ () C:\Users\Zeke\Desktop\MyPC Backup.lnk
2014-06-05 12:18 - 2014-06-05 12:18 - 00001971 _____ () C:\Users\Zeke\Desktop\Sync Folder.lnk
2014-06-05 12:18 - 2014-06-05 12:18 - 00000000 ____D () C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-05 12:18 - 2014-06-05 12:18 - 00000000 ____D () C:\Program Files\SearchSnacks
2014-06-06 15:20 - 2014-06-16 20:12 - 00000288 _____ () C:\Windows\Tasks\Speedial.job
2014-06-06 15:20 - 2014-06-06 15:20 - 00003224 _____ () C:\Windows\System32\Tasks\Speedial
C:\Program Files (x86)\Common Files\BeFrugal.com
C:\Program Files (x86)\QUAD Utilities
C:\Program Files\Earth Networks
C:\Program Files (x86)\MyPC Backup
C:\Users\Zeke\AppData\Roaming\skype.ini
 
CMD: netsh winsock reset
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BFHP => value deleted successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3805376401-1662035509-791222529-1004\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\Software\Microsoft\Windows\CurrentVersion\Run\\QUAD Windows service => value deleted successfully.
HKU\S-1-5-21-3805376401-1662035509-791222529-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherBug => value deleted successfully.
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\QUAD Windows service => Value not found.
HKU\S-1-5-21-3805376401-1662035509-791222529-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherBug => Value not found.
C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk => Moved successfully.
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}' => Key deleted successfully.
'HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}' => Key deleted successfully.
'HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335A057-CBA6-40F6-A712-C6A7C98F7813}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{2335A057-CBA6-40F6-A712-C6A7C98F7813}' => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
'HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}'=> Key not found.
CHR HomePage: hxxp://speedial.com/?f=1&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir= ==> The Chrome "Settings" can be used to fix the entry.
CHR StartupUrls: "hxxp://speedial.com/?f=1&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir=" ==> The Chrome "Settings" can be used to fix the entry.
CHR NewTab: "chrome-extension://bakijjialdiiboeaknfpmflphhmljfkd/content/newtab/newtab.html" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchKeyword: speedial.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Speedial ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://speedial.com/...r=666191327&ir= ==> The Chrome "Settings" can be used to fix the entry.
C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll not found.
C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll not found.
'HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cnpkmcjgpcihgfnkcjapiaabbbplkcmf' => Key deleted successfully.
"C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx" => File/Directory not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F0556D1-0CAE-4381-B832-030DDD231411}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F0556D1-0CAE-4381-B832-030DDD231411}' => Key deleted successfully.
C:\Windows\System32\Tasks\TidyNetwork Update => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TidyNetwork Update' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E12ACD19-9654-4362-8D4B-79D342D5B2CF}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E12ACD19-9654-4362-8D4B-79D342D5B2CF}' => Key deleted successfully.
C:\Windows\System32\Tasks\BeFrugal.com Toolbar => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BeFrugal.com Toolbar' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4686DBE-2E65-4563-AC42-093FBC6CD321}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4686DBE-2E65-4563-AC42-093FBC6CD321}' => Key deleted successfully.
C:\Windows\System32\Tasks\Speedial => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Speedial' => Key deleted successfully.
C:\Windows\Tasks\BeFrugal.com Toolbar.job => Moved successfully.
C:\Windows\Tasks\Speedial.job => Moved successfully.
BeFrugal.com Service => Service stopped successfully.
BeFrugal.com Service => Service deleted successfully.
CouponPrinterService => Service not found.
ssnfd => Unable to stop service
ssnfd => Service deleted successfully.
C:\Windows\SysWOW64\CN25NBR1SK05KD => ":NW" ADS removed successfully.
C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
C:\ProgramData\Temp => ":C46995DA" ADS removed successfully.
C:\Program Files (x86)\TidyNetwork => Moved successfully.
C:\END => Moved successfully.
"C:\Windows\System32\Tasks\TidyNetwork Update" => File/Directory not found.
C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts => Moved successfully.
C:\Program Files (x86)\SearchProtect => Moved successfully.
C:\Users\Zeke\Desktop\MyPC Backup.lnk => Moved successfully.
C:\Users\Zeke\Desktop\Sync Folder.lnk => Moved successfully.
C:\Users\Zeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup => Moved successfully.
C:\Program Files\SearchSnacks => Moved successfully.
"C:\Windows\Tasks\Speedial.job" => File/Directory not found.
"C:\Windows\System32\Tasks\Speedial" => File/Directory not found.
C:\Program Files (x86)\Common Files\BeFrugal.com => Moved successfully.
C:\Program Files (x86)\QUAD Utilities => Moved successfully.
C:\Program Files\Earth Networks => Moved successfully.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
C:\Users\Zeke\AppData\Roaming\skype.ini => Moved successfully.
 
=========  netsh winsock reset =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/17/2014
Scan Time: 8:06:00 AM
Logfile: MBlog(2).txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.17.04
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jack
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 444726
Time Elapsed: 21 min, 50 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7e0a4b2e9fdc8caa27131b24e41e1be5], 
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-3805376401-1662035509-791222529-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7e0a4b2e9fdc8caa27131b24e41e1be5], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 3
PUP.Optional.Speedial.A, C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://speedial.com/...r=666191327&ir=" ],), Replaced,[0f79f4853a41132378187730c83cf709]
PUP.Optional.Speedial.A, C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://speedial.com/...r=666191327&ir=",), Replaced,[cabe63164338b284761bb7f0e51f27d9]
PUP.Optional.Speedial.A, C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "search_url": "http://speedial.com/...ults.php?f=4&q={searchTerms}&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir=",), Replaced,[4a3e1a5fee8d38fe8d057d2aab59f709]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Jaclyn

#10 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 17 June 2014 - 08:29 AM

Coupon Printer brought unwanted additional advertising programs with it in the past.

We recommend to remove it.

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 

    Advertisements

Register to Remove


#11 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 18 June 2014 - 06:18 AM

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zdatact.dll.vir a variant of Win32/Toolbar.MyWebSearch.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zhtmlmu.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zPlugin.dll.vir probably a variant of Win32/Toolbar.MyWebSearch application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\CouponXplorer_5z\bar\1.bin\5zskin.dll.vir a variant of Win32/Toolbar.MyWebSearch.P application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\CouponXplorer_5z\bar\1.bin\T8HTML.DLL.vir probably a variant of Win32/Toolbar.MyWebSearch.F application

Jaclyn

#12 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 19 June 2014 - 08:40 AM

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don´t uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You´ll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.


Proud Member of UNITE & TB
 

#13 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 19 June 2014 - 07:43 PM

I ran AdwCleaner and JRT.  Results below.  When I ran Security Check, I got a message that says "UNSUPPORTED OPERATING SYSTEM! ABORTED!"  Also, when I opened up google chrome to post these results, I got a notification that Speedial has been added as an extension, enable/disable... I clicked disable.

 

 

# AdwCleaner v3.212 - Report created 19/06/2014 at 21:25:34
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jack - ZEKE-HP
# Running from : C:\Users\Jack\Desktop\adwcleaner_3.212.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[!] Folder Deleted : C:\Users\Jack\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Jack\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Jack\AppData\LocalLow\RadioRage_4j
Folder Deleted : C:\Users\Mike&Matt\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Mike&Matt\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Mike&Matt\AppData\LocalLow\RadioRage_4j
Folder Deleted : C:\Users\Temporary\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Temporary\AppData\LocalLow\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Users\Zeke\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Zeke\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Zeke\AppData\LocalLow\RadioRage_4j
Folder Deleted : C:\Users\Zeke\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Zeke\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Zeke\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\Extensions\shopcbtoolbar@befrugal.com
Folder Deleted : C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\Extensions\toolbar@shopathome.com
Folder Deleted : C:\Users\Temporary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Zeke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\invalidprefs.js
File Deleted : C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\searchplugins\bingp.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\searchplugins\web-search.xml
File Deleted : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\user.js
File Deleted : C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\user.js
File Deleted : C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\user.js
File Deleted : C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9638B7D6-11F5-4406-B387-327642A11FFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DFEB941C-8B58-4899-97C3-88FE394E1285}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E6AD866F-EA06-476A-8432-ED943683FAB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F706E19B-6C14-4272-BA98-2F16636A898D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9638B7D6-11F5-4406-B387-327642A11FFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F706E19B-6C14-4272-BA98-2F16636A898D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{004EB151-885B-4A9E-A22D-CA98DD998D75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{041278C7-DF92-486D-AE85-921BDFC75A43}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1116A14B-F6A3-4FD9-A00E-FF8CF270EE48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{36A7148B-639E-423C-90BB-30B6E1A40BD7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{61DAB0AD-AD23-4E40-84AC-7C6CE64D4EB3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{65D8E17B-312E-4E12-913B-A841A8631143}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{860AF5D1-0735-409D-8E5F-E3E99356D7E9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A0636D37-97D0-4DC4-95A6-93AABA07437F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D244EAC5-A0F5-4859-A1F8-18ABC0AC3A00}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\vgt1h20z.default\prefs.js ]
 
Line Deleted : user_pref("avg.install.Revert_DSP", "AVG Secure Search");
Line Deleted : user_pref("avg.install.Revert_HP", "hxxp://speedial.com/?f=1&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1S[...]
Line Deleted : user_pref("avg.install.userHPSettings", "hxxp://speedial.com/?f=1&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDy[...]
Line Deleted : user_pref("avg.install.userSPSettings", "AVG Secure Search");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
 
[ File : C:\Users\Mike&Matt\AppData\Roaming\Mozilla\Firefox\Profiles\zverton2.default\prefs.js ]
 
Line Deleted : user_pref("browser.search.defaultenginename", "Speedial");
Line Deleted : user_pref("browser.search.selectedEngine", "Speedial");
 
[ File : C:\Users\Temporary\AppData\Roaming\Mozilla\Firefox\Profiles\rozytu7v.default\prefs.js ]
 
Line Deleted : user_pref("browser.search.selectedEngine", "Speedial");
 
[ File : C:\Users\Zeke\AppData\Roaming\Mozilla\Firefox\Profiles\mgp5jw07.default\prefs.js ]
 
Line Deleted : user_pref("browser.search.defaultenginename", "Speedial");
Line Deleted : user_pref("browser.search.selectedEngine", "Speedial");
Line Deleted : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
Line Deleted : user_pref("extensions.sahtb.url.prefs.data", "<ToolbarPrefs>\r\n <XMLVersion Number=\"{bdd09e8b-8dee-478c-9f4e-0db5e30597cc}\" />\r\n <AnalyticsURL URL=\"hxxp://www.google-analytics.com/__utm.gif?utmw[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.BUTTON_STRUCTURE", "[{\"b\":221359046,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221359047,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.firstKnownVersion", "6.20.3.33657");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=86C69866-22D2-4C41-A3C4-DBEA2B285EBC&n=780bd353&p2=^ZX^xdm100^YYA^us&si=radiomania-0-2");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.installKeysSource", "File");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.installation.installDate", "2014040915");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.installation.partnerId", "^ZX^xdm100^YYA^us");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.installation.partnerSubId", "radiomania-0-2");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.installation.toolbarId", "86C69866-22D2-4C41-A3C4-DBEA2B285EBC");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.isCompliantUninstallImplementation", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.lastActivePing", "1402579652423");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.lastKnownVersion", "6.33.3.58455");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.options.defaultSearch", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.options.homePageEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.partnerPixelFired", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.searchHistory", "VERIFY");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.successUrl", "hxxp://radiorage.dl.tb.ask.com/installComplete.jhtml");
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.toolbarCollapsed", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._4jMembers_.weather.location", "08037");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.BUTTON_STRUCTURE", "[{\"b\":221731827,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221731828,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.firstKnownVersion", "5.79.3.13309");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?n=780bd353&p2=^AFA^xpi000^S08369^");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.installDate", "2014040915");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerId", "^AFA^xpi000^S08369^");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerSubId", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.success", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.isCompliantUninstallImplementation", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.lastKnownVersion", "6.33.3.58358");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.defaultSearch", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.homePageEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.partnerPixelFired", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.toolbarCollapsed", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.weather.location", "08037");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "couponxplorer@mindspark.com");
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Mike&Matt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir=
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
[ File : C:\Users\Temporary\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_coinis_14_23_ie&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByEtB0C0D0Bzyzy0FyEyDtN0D0Tzu0SzzzzzztN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBtCzztDzyzy0A0FtGzzzzzztBtGzzzztD0DtGtCyD0CzztGyD0ByByEyCtB0F0D0AzzzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0CyBtA0FyC0DtG0FyEtCtDtG0B0BzytDtG0D0E0CyEtGyByDyDyByCyB0D0B0FyCyEtA2Q&cr=666191327&ir=
Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
 
*************************
 
AdwCleaner[R0].txt - [23703 octets] - [22/09/2013 23:51:09]
AdwCleaner[R1].txt - [26667 octets] - [19/06/2014 21:23:21]
AdwCleaner[S0].txt - [23670 octets] - [22/09/2013 23:52:56]
AdwCleaner[S1].txt - [25215 octets] - [19/06/2014 21:25:34]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [25276 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jack on Thu 06/19/2014 at 21:31:39.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\Jack\AppData\Roaming\mozilla\firefox\profiles\vgt1h20z.default\prefs.js
 
user_pref("avg.install.extHomepage", "hxxp://mysearch.avg.com?pid=safeguard&sg=&cid=%7B1fc167b3-c20a-4724-a6b2-4ff406a1763d%7D&mid=b85a164e1fa547d1a124e92931667541-5a029d077e7
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 06/19/2014 at 21:38:32.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
checkup:
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
 

Jaclyn

#14 ----------------

----------------

    SuperMember

  • Authentic Member
  • PipPipPipPipPip
  • 1,095 posts

Posted 23 June 2014 - 02:01 AM


SecurityCheck

Reboot your system before starting!

 

Proud Member of UNITE & TB
 

#15 Jaclyn

Jaclyn

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 23 June 2014 - 04:24 AM

 Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2014   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 SpywareBlaster 5.0    
 AVG PC Tuneup   
 AVG PC TuneUp 2014 (en-US) 
 Java 7 Update 25  
 Java version out of Date! 
  Adobe Flash Player 13.0.0.214 Flash Player out of Date!  
 Adobe Reader 10.1.10 Adobe Reader out of Date!  
 Mozilla Firefox 29.0.1 Firefox out of Date!  
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
 Google Chrome plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Symantec Norton Online Backup NOBuAgent.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 

Jaclyn

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users