WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Malware: MySearchDial.A and My SpeedDial.A

Started by BarryA , Jan 03 2015 07:25 AM

This topic is locked

20 replies to this topic

#1 BarryA

Authentic Member

Authentic Member
89 posts

Posted 03 January 2015 - 07:25 AM

My Internet Explorer becomes slow especially when I have had multiple pages open for a while, often this leads to programme or computer freezing. I ran MalwareBytes and found indications that registry keys had been affected by MySearchDial.A and MySpeedDial.A

Restarting usually gets the system back running at a sensible speed.

I have an older Toshiba Satellite Pro laptop with 1.5 Gb RAM

I am running XP SP3 Prof, with IE8, MS Office 2003 Prof, Avast free antivirus.

I would appreciate help cleaning up my computer and advice on whether II should be able to run multiple web pages with 1.5Gb of RAM. Generally I will only have Outlook running alongside IE.

Attached are the required scan reports as well as the MalwareBytes log report.

Many thanks in advance

BarryA

FRST.txt 26.13KB 212 downloads

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-01-02 20:32:04
-----------------------------
20:32:04.865    OS Version: Windows 5.1.2600 Service Pack 3
20:32:04.865    Number of processors: 1 586 0xD08
20:32:04.865    ComputerName: ROBLAPTOP UserName: GARETH
20:32:06.177    Initialize success
20:32:06.271    VM: initialized successfully
20:32:06.287    VM: Intel CPU virtualization not supported
20:32:09.974    AVAST engine defs: 15010201
20:32:33.490    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:32:33.490    Disk 0 Vendor: FUJITSU_MHV2040BH 00000028 Size: 38154MB BusType: 3
20:32:33.630    Disk 0 MBR read successfully
20:32:33.646    Disk 0 MBR scan
20:32:33.646    Disk 0 Windows XP default MBR code
20:32:33.662    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        38152 MB offset 63
20:32:33.662    Disk 0 default boot code
20:32:33.677    Disk 0 scanning sectors +78137325
20:32:33.787    Disk 0 scanning C:\WINDOWS\system32\drivers
20:32:47.318    Service scanning
20:33:06.443    Modules scanning
20:33:06.943    Disk 0 trace - called modules:
20:33:06.974    ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
20:33:06.974    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a26dab8]
20:33:06.990    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a26ed98]
20:33:07.349    AVAST engine scan C:\WINDOWS
20:33:31.412    AVAST engine scan C:\WINDOWS\system32
20:36:04.959    AVAST engine scan C:\WINDOWS\system32\drivers
20:36:22.771    AVAST engine scan C:\Documents and Settings\GARETH
20:42:03.693    AVAST engine scan C:\Documents and Settings\All Users
20:42:42.052    Disk 0 statistics 1459428/0/0 @ 1.64 MB/s
20:42:42.068    Scan finished successfully
20:43:38.568    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\GARETH\Desktop\MBR.dat"
20:43:38.584    The log file has been saved successfully to "C:\Documents and Settings\GARETH\Desktop\aswMBR.log"

***********************************

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2015
Ran by GARETH (administrator) on ROBLAPTOP on 02-01-2015 20:59:05
Running from C:\Documents and Settings\GARETH\Desktop
Loaded Profile: GARETH (Available profiles: GARETH & ROB & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\WINDOWS\system32\acs.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
() C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSBattM.exe
() C:\WINDOWS\system32\CmWatch.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\Toshiba.exe
(TOSHIBA) C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVAST Software) C:\Documents and Settings\GARETH\Desktop\aswMBR.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPSMain] => C:\WINDOWS\system32\TPSMain.exe [266240 2006-02-08] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [118784 2005-05-12] (TOSHIBA Corporation)
HKLM\...\Run: [CFSServ.exe] => CFSServ.exe -NoClient
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [Toshiba Hotkey Utility] => C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe [1589248 2006-01-28] (TOSHIBA Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761945 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [CmCardRun] => C:\WINDOWS\system32\CmWatch.exe [229376 2003-09-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2005-04-11] (TOSHIBA)
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Run: [POP Peeper] => C:\Program Files\POP Peeper\POPPeeper.exe [1609728 2011-08-18] (Mortal Universe)
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Policies\Explorer: [NoDriveAutoRun] 0xFFFFFFFF
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk
ShortcutTarget: Service Manager.lnk -> C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\GARETH\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
ShortcutTarget: Microsoft Office OneNote 2003 Quick Launch.lnk -> C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\ROB\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
ShortcutTarget: Microsoft Office OneNote 2003 Quick Launch.lnk -> C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...cr=430031871=
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://start.mysearc...cr=430031871=" <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...cr=430031871=
SearchScopes: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...cr=430031871=
BHO: No Name -> {206E52E0-D52E-11D4-AD54-0000E86C26F6} -> C:\Program Files\FreshDevices\FreshDownload\fdcatch.dll (FreshDevices Corp.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\Program Files\FreshDevices\FreshDownload\fdiebar.dll (FreshDevices Corp.)
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1395059582562
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default
FF DefaultSearchEngine: Mysearchdial
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SelectedSearchEngine: Mysearchdial
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=430031871&ir=
FF Keyword.URL:
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npfd.dll (FreshDevices Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Lavasoft Search Plugin - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2012-10-29]
FF Extension: No Name - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\staged-xpis [2014-02-25]
FF Extension: No Name - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2014-02-25]
FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-07-05]
FF Extension: No Name - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2012-10-29]
FF Extension: MySearchDial NewTab - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-01-16]
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2006-07-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-02-24]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-09-10]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011-09-10]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [2012-05-29]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-07]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-01-24]
FF StartMenuInternet: FIREFOX.EXE - C:\PROGRA~1\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
CHR Extension: (Google Drive) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31]
CHR Extension: (YouTube) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-13]
CHR Extension: (Google Search) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-13]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-03]
CHR Extension: (Google Wallet) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (MySearchDial) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-01-31]
CHR Extension: (Gmail) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\GARETH\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-01-16]
CHR HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\GARETH\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-01-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACS; C:\WINDOWS\system32\acs.exe [36864 2005-07-07] () [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-11-21] (AVAST Software)
R2 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [166520 2008-03-19] ()
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2005-01-17] (TOSHIBA CORPORATION) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MSSQL$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe [9150464 2005-05-03] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [73728 2005-05-03] (Microsoft Corporation) [File not signed]
S3 SQLAgent$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE [323584 2005-05-03] (Microsoft Corporation) [File not signed]
R2 Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [51816 2008-03-19] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [17801 2006-07-27] (Meetinghouse Data Communications) [File not signed]
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [468736 2005-09-13] (Atheros Communications, Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-21] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-21] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-21] ()
R3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [34312 2007-06-24] (IVT Corporation.)
R3 BlueletSCOAudio; C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys [27656 2007-06-24] (IVT Corporation.)
R3 BoiHwsetup; C:\WINDOWS\System32\drivers\BoiHwSetup.sys [5504 2005-06-11] (Quanta Computer Corp)
S3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [18320 2007-03-05] (IVT Corporation.)
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [38920 2007-06-24] (IVT Corporation.)
R0 BTHidEnum; C:\WINDOWS\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.)
R3 HSFHWATI; C:\WINDOWS\System32\DRIVERS\HSFHWATI.sys [225792 2005-11-29] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [936960 2005-11-29] (Conexant Systems, Inc.)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.) [File not signed]
R2 Netdevio; C:\WINDOWS\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.) [File not signed]
R3 Pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R3 qkbfiltr; C:\WINDOWS\System32\drivers\qkbfiltr.sys [31872 2006-01-12] (Quanta Computer, Inc.) [File not signed]
R3 qmofiltr; C:\WINDOWS\System32\drivers\qmofiltr.sys [7936 2005-05-05] (Quanta Computer, Inc.) [File not signed]
S3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 UMSSSTOR; C:\WINDOWS\System32\DRIVERS\UMSS.SYS [48384 2003-09-16] (C-Media Corporation)
R3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.)
S4 IntelIde; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
U3 aswMBR; \??\C:\DOCUME~1\GARETH\LOCALS~1\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 20:59 - 2015-01-02 20:59 - 00021612 _____ () C:\Documents and Settings\GARETH\Desktop\FRST.txt
2015-01-02 20:56 - 2015-01-02 20:59 - 00000000 ____D () C:\FRST
2015-01-02 20:55 - 2015-01-02 20:56 - 01115136 _____ (Farbar) C:\Documents and Settings\GARETH\Desktop\FRST.exe
2015-01-02 20:43 - 2015-01-02 20:43 - 00002050 _____ () C:\Documents and Settings\GARETH\Desktop\aswMBR.log
2015-01-02 20:43 - 2015-01-02 20:43 - 00000512 _____ () C:\Documents and Settings\GARETH\Desktop\MBR.dat
2015-01-02 20:31 - 2015-01-02 20:31 - 05198336 _____ (AVAST Software) C:\Documents and Settings\GARETH\Desktop\aswMBR.exe
2015-01-02 20:25 - 2015-01-02 20:25 - 00007445 _____ () C:\Documents and Settings\GARETH\Desktop\hijackthis.log
2015-01-02 20:10 - 2015-01-02 20:10 - 00805056 _____ (SecuredDownload) C:\Documents and Settings\GARETH\Desktop\hijackthis_setup.exe
2014-12-30 18:00 - 2014-12-30 18:01 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-30 18:00 - 2014-12-30 18:00 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-30 18:00 - 2014-12-30 18:00 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-30 18:00 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-13 19:27 - 2014-12-13 19:27 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-12-13 19:26 - 2014-12-13 19:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 20:59 - 2006-07-27 08:18 - 00000000 ____D () C:\Documents and Settings\GARETH\Local Settings\Temp
2015-01-02 20:45 - 2012-04-16 10:31 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-02 20:45 - 2006-02-15 14:29 - 00032510 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-02 19:26 - 2013-10-14 15:17 - 00000424 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{E3CB84DD-4309-468E-B967-A2F4E33CA2E1}.job
2015-01-02 17:02 - 2006-02-15 14:24 - 01934506 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-02 09:31 - 2012-08-05 19:08 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-12-30 20:03 - 2012-05-25 11:50 - 00139845 _____ () C:\WINDOWS\system32\English
2014-12-30 18:00 - 2013-04-19 10:58 - 00000000 ____D () C:\Documents and Settings\GARETH\Application Data\Malwarebytes
2014-12-30 18:00 - 2013-04-19 10:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-12-30 17:59 - 2013-04-19 10:57 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-12-30 17:44 - 2012-05-29 12:07 - 3898688512 _____ () C:\Documents and Settings\GARETH\Desktop\Outlook backup.pst
2014-12-21 09:34 - 2014-01-30 13:29 - 00000000 ____D () C:\Documents and Settings\GARETH\Desktop\New Folder
2014-12-19 12:16 - 2012-10-04 17:02 - 00415232 ___SH () C:\Documents and Settings\GARETH\Desktop\Thumbs.db
2014-12-19 09:33 - 2006-02-15 14:11 - 00000000 ____D () C:\WINDOWS\Help
2014-12-18 10:09 - 2012-10-05 10:46 - 00008769 _____ () C:\Documents and Settings\GARETH\English
2014-12-11 11:51 - 2012-04-16 10:31 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-11 11:51 - 2011-05-13 23:23 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-12-11 11:47 - 2006-02-15 14:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-11 11:47 - 2006-02-15 14:20 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-12-11 11:47 - 2006-02-15 14:20 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-12-11 10:56 - 2006-07-27 08:18 - 00000278 ___SH () C:\Documents and Settings\GARETH\ntuser.ini
2014-12-11 10:56 - 2006-07-27 08:18 - 00000000 ____D () C:\Documents and Settings\GARETH
2014-12-11 10:54 - 2010-09-15 12:48 - 00000000 ____D () C:\Documents and Settings\GARETH\Application Data\POP Peeper

Some content of TEMP:
====================
C:\Documents and Settings\GARETH\Local Settings\Temp\FoxitUpdater.exe
C:\Documents and Settings\GARETH\Local Settings\Temp\ICReinstall_hijackthis_setup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

****************************

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-01-2015
Ran by GARETH at 2015-01-02 21:00:43
Running from C:\Documents and Settings\GARETH\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC97 Data Fax SoftModem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_FF311179) (Version: - )
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ArcSoft Panorama Maker 6 (HKLM\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
Atheros Client Utility (HKLM\...\{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE}) (Version: 1.41.000 - )
Atheros Wireless LAN MiniPCI card Driver (HKLM\...\{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}) (Version: 1.26.000 - )
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5173 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.203-051211a-030226C-Toshiba - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
BFPA '99 (HKLM\...\ST5UNST #1) (Version: - )
Bluesoleil2.7.0.35 VoIP Release 080317 (HKLM\...\{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}) (Version: 2.7.0.35 VoIP Release 080317 - IVT Corporation)
Canon MP Navigator EX 1.0 (HKLM\...\MP Navigator EX 1.0) (Version: - )
Canon MP610 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series) (Version: - )
Canon MP610 series User Registration (HKLM\...\Canon MP610 series User Registration) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 1.00.008 - TOSHIBA)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version: - )
CleanUp! (HKLM\...\CleanUp!) (Version: - )
C-Media USB Mass Storage Driver (HKLM\...\C-Media Card Reader Driver) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant AC-Link Audio (HKLM\...\CNXT_AUDIO) (Version: - )
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
FreshDownload (HKLM\...\FreshDevices - FreshDownload_is1) (Version: - )
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
InterVideo WinDVD Creator 2 (HKLM\...\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}) (Version: 2.0.14.376 - InterVideo Inc.)
InterVideo WinDVD for TOSHIBA (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.535 - InterVideo Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Macromedia Flash Player (HKLM\...\{0456ebd7-5f67-4ab6-852e-63781e3f389c}) (Version: 7.0.19.0 - Macromedia, Inc.)
Mail Merge Toolkit (HKLM\...\{B008D66F-B796-4C06-B707-932F0B225531}) (Version: 2.6.1 - MAPILab Ltd.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Access 2002 Runtime (HKLM\...\{901C0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.4302.00 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office OneNote 2003 (HKLM\...\{91A10409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Office Outlook 2003 with Business Contact Manager Update (HKLM\...\{BA68600E-96D9-4E92-80F2-26B9681B5A63}) (Version: 2.0.5324.0 - Microsoft Corporation)
Microsoft Office Small Business Edition 2003 (HKLM\...\{91CA0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook Personal Folders Backup (HKLM\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ) (HKLM\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.2039 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox (2.0.0.6) (HKLM\...\Mozilla Firefox (2.0.0.6)) (Version: 2.0.0.6 (en-US) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
Nero - Burning Rom (HKLM\...\{A4D7B764-4140-11D4-88EB-0050DA3579C0}) (Version: 5.5.9 - ahead software gmbh)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
Particle DDE Server (HKLM\...\ST6UNST #1) (Version: - )
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.4.15 - Nikon)
POP Peeper (HKLM\...\POP Peeper) (Version: - Mortal Universe)
REALTEK Gigabit and Fast Ethernet NIC Driver (HKLM\...\{94FB906A-CF42-4128-A509-D353026A607E}) (Version: 1.70 - REALTEK Semiconductor Corp.)
ScanSoft OmniPage SE 4 (HKLM\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Sonic RecordNow! (HKLM\...\{9541FED0-327F-4DF0-8B96-EF57EF622F19}) (Version: 7.31 - Sonic Solutions)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.9.0 - Synaptics)
SYSPRO 6.0 (HKLM\...\SYSPRO 6.0) (Version: - )
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 5.90.05 - )
Toshiba Hotkey Utility (HKLM\...\InstallShield_{7B1F9CB1-349A-43F5-A742-6215C2E2DB6F}) (Version: 1.07.09.02 - TOSHIBA)
TOSHIBA Manuals (HKLM\...\{3EB6332B-AF02-457C-A31C-835458C5B48B}) (Version: 7.05 - TOSHIBA)
TOSHIBA PC Diagnostic Tool (HKLM\...\PC Diagnostic Tool) (Version: - )
TOSHIBA Power Saver (HKLM\...\Power Saver) (Version: 7.03.07.Q - )
Toshiba Touchpad Utility (HKLM\...\InstallShield_{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}) (Version: 1.07.09.02 - TOSHIBA)
Toshiba Utility (HKLM\...\InstallShield_{099D12EC-0321-4CAC-A0CC-33D020156FCD}) (Version: 1.07.09.02 - TOSHIBA)
TOSHIBA Zooming Utility (HKLM\...\{64212898-097F-4F3F-AECA-6D34A7EF82DF}) (Version: - )
Touch and Launch (HKLM\...\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}) (Version: - )
Update for Zip Opener (HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Digital Sites) (Version: - Update for Zip Opener) <==== ATTENTION
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.8.2 - Nikon)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
xHamster Video Downloader 3.22 (HKLM\...\xHamster Video Downloader_is1) (Version: - DownloadToolz, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\GARETH\Application Data\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005_Classes\CLSID\{00F02382-34F1-4E11-9CBD-9BC7D68E0383}\InprocServer32 -> C:\Program Files\MAPILab Ltd\Mail Merge Toolkit\OutlookSenderAddin.dll (MAPILab Ltd.)
CustomCLSID: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005_Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}\InprocServer32 -> C:\Program Files\Common Files\Outlook Security Manager\secman.dll (MAPILab Ltd. & Add-in Express Ltd.)
CustomCLSID: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005_Classes\CLSID\{CB32F11A-81B4-4455-91EF-6219447739C0}\InprocServer32 -> C:\Program Files\Common Files\MAPILab Ltd\MLTrial21.dll (MAPILab Ltd.)
CustomCLSID: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\GARETH\Application Data\Dropbox\bin\Dropbox.exe /wiacallback No File
CustomCLSID: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005_Classes\CLSID\{FA075D03-1BAF-4AE1-9ADD-56C740247836}\InprocServer32 -> C:\Program Files\MAPILab Ltd\Mail Merge Toolkit\MMTProg.dll (MAPILab Ltd.)

==================== Restore Points =========================

08-12-2014 00:57:21 System Checkpoint
09-12-2014 01:57:27 System Checkpoint
10-12-2014 02:57:26 System Checkpoint
11-12-2014 03:57:22 System Checkpoint
11-12-2014 11:56:39 Software Distribution Service 3.0
12-12-2014 15:12:10 System Checkpoint
13-12-2014 15:58:54 System Checkpoint
13-12-2014 19:27:13 Printer Driver Foxit Reader PDF Printer Driver Installed
14-12-2014 19:58:56 System Checkpoint
15-12-2014 20:58:56 System Checkpoint
16-12-2014 21:58:55 System Checkpoint
17-12-2014 22:58:54 System Checkpoint
18-12-2014 22:59:48 System Checkpoint
19-12-2014 23:00:55 System Checkpoint
20-12-2014 23:59:12 System Checkpoint
22-12-2014 00:00:52 System Checkpoint
23-12-2014 00:59:48 System Checkpoint
24-12-2014 01:59:49 System Checkpoint
25-12-2014 02:59:44 System Checkpoint
26-12-2014 03:00:12 System Checkpoint
27-12-2014 04:00:12 System Checkpoint
28-12-2014 05:00:11 System Checkpoint
29-12-2014 06:00:16 System Checkpoint
30-12-2014 07:00:28 System Checkpoint
31-12-2014 08:00:13 System Checkpoint
01-01-2015 09:00:19 System Checkpoint
02-01-2015 12:28:18 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-02-15 13:09 - 2004-08-04 13:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => ?
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{E3CB84DD-4309-468E-B967-A2F4E33CA2E1}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2015-01-02 20:07 - 2015-01-02 20:07 - 02909696 _____ () C:\Program Files\Alwil Software\Avast5\defs\15010201\algo.dll
2014-01-14 09:48 - 2012-09-18 15:26 - 00169472 _____ () C:\WINDOWS\system32\zlhp1020.dll
2014-01-14 09:48 - 2012-09-18 15:26 - 00059904 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\pphp1020.dll
2006-07-27 08:15 - 2005-07-07 23:13 - 00036864 _____ () C:\WINDOWS\system32\acs.exe
2008-03-19 16:52 - 2008-03-19 16:52 - 00166520 _____ () C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
2008-03-19 16:52 - 2008-03-19 16:52 - 00051816 _____ () C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
2006-01-26 17:03 - 2006-01-26 17:03 - 00122880 _____ () C:\WINDOWS\system32\TPeculiarity.dll
2005-12-08 18:56 - 2005-12-08 18:56 - 00151552 _____ () C:\WINDOWS\system32\TSBWLS.dll
2003-09-16 17:50 - 2003-09-16 09:50 - 00229376 _____ () C:\WINDOWS\system32\CmWatch.exe
2013-10-21 13:56 - 2014-11-21 09:30 - 38562088 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Documents and Settings\GARETH\Desktop:;䯡
AlternateDataStreams: C:\Documents and Settings\GARETH\Desktop:ّ㑈

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ATIPTA => "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: PadTouch => C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1528555759-1161534989-3529426194-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1528555759-1161534989-3529426194-1003 - Limited - Enabled)
GARETH (S-1-5-21-1528555759-1161534989-3529426194-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\GARETH
Guest (S-1-5-21-1528555759-1161534989-3529426194-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1528555759-1161534989-3529426194-1004 - Limited - Disabled)
ROB (S-1-5-21-1528555759-1161534989-3529426194-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ROB
SUPPORT_388945a0 (S-1-5-21-1528555759-1161534989-3529426194-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth PAN Network Adapter
Description: Bluetooth PAN Network Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: IVT Corporation
Service: BT
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/02/2015 00:09:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/02/2015 00:09:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/02/2015 00:08:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/30/2014 04:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23588, fault address 0x0014c493.
Processing media-specific event for [iexplore.exe!ws!]

Error: (12/23/2014 00:38:33 PM) (Source: SQL Server ODBC driver support error) (EventID: 0) (User: )
Description: Unable to load SQL Server ODBC driver resource DLL. The application cannot continue.

Error: (12/23/2014 00:38:03 PM) (Source: SQL Server ODBC driver support error) (EventID: 0) (User: )
Description: Unable to load SQL Server ODBC driver resource DLL. The application cannot continue.

Error: (12/23/2014 11:50:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application hotkey.exe, version 1.7.9.2, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000100e8.
Processing media-specific event for [hotkey.exe!ws!]

Error: (12/12/2014 05:22:21 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: Fault bucket 704642429.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (12/12/2014 05:21:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application wordconv.exe, version 12.0.6500.5000, faulting module unknown, version 0.0.0.0, fault address 0x31266331.
Processing media-specific event for [wordconv.exe!ws!]

System errors:
=============
Error: (12/11/2014 11:47:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd
SBRE

Error: (12/11/2014 10:56:32 AM) (Source: DCOM) (EventID: 10010) (User: ROBLAPTOP)
Description: The server {49BD2028-1523-11D1-AD79-00C04FD8FDFF} did not register with DCOM within the required timeout.

Error: (11/24/2014 07:53:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd
SBRE

Error: (11/24/2014 11:27:24 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd
SBRE

Error: (11/24/2014 11:26:37 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (11/21/2014 09:36:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd
SBRE

Error: (11/21/2014 09:24:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd
SBRE

Error: (11/21/2014 09:23:37 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (11/20/2014 11:16:22 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for C:\WINDOWS\WindowsShell.Manifest.
Reference error message: The operation completed successfully.
.

Microsoft Office Sessions:
=========================
Error: (01/02/2015 00:09:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/02/2015 00:09:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/02/2015 00:08:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (12/30/2014 04:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.235880014c493

Error: (12/23/2014 00:38:33 PM) (Source: SQL Server ODBC driver support error) (EventID: 0) (User: )
Description: Unable to load SQL Server ODBC driver resource DLL. The application cannot continue.

Error: (12/23/2014 00:38:03 PM) (Source: SQL Server ODBC driver support error) (EventID: 0) (User: )
Description: Unable to load SQL Server ODBC driver resource DLL. The application cannot continue.

Error: (12/23/2014 11:50:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hotkey.exe1.7.9.2ntdll.dll5.1.2600.6055000100e8

Error: (12/12/2014 05:22:21 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: 704642429

Error: (12/12/2014 05:21:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wordconv.exe12.0.6500.5000unknown0.0.0.031266331

==================== Memory info ===========================

Processor: Intel® Celeron® M processor 1.40GHz
Percentage of memory in use: 60%
Total physical RAM: 1406.23 MB
Available physical RAM: 558.26 MB
Total Pagefile: 2760.23 MB
Available Pagefile: 1534.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:37.26 GB) (Free:6.81 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37.3 GB) (Disk ID: 250C2096)
Partition 1: (Active) - (Size=37.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

*********************************

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30/12/2014
Scan Time: 18:02:38
Logfile: malwarebytes log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.30.07
Rootkit Database: v2014.12.29.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: GARETH

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385956
Time Elapsed: 23 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 15
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, , [b04f0266c7b55bdbc1ab9185f50e9769],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [b04f0266c7b55bdbc1ab9185f50e9769],
PUP.Optional.MySearchDial.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [23dcbeaa2e4e4ee860c33ba290728779],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [23dcbeaa2e4e4ee860c33ba290728779],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [23dcbeaa2e4e4ee860c33ba290728779],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3004627E-F8E9-4E8B-909D-316753CBA923}, , [a05fa4c46b116ec827fa2de97c8748b8],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3004627E-F8E9-4E8B-909D-316753CBA923}, , [a05fa4c46b116ec827fa2de97c8748b8],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}, , [738c8ade95e740f638e8f81ed92a55ab],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}, , [738c8ade95e740f638e8f81ed92a55ab],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MySearchDial, , [e01f5513afcd86b0e40309cfdd27ea16],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , [ce312741f68636000ee8d8cd976c1be5],
PUP.Optional.DigitalSites.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DSiteProducts, , [c13eeb7d37453402adc2647e9c68cf31],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , [eb145a0e7c00201619dc7530a3609a66],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [56a9491ff488c3735c2eebb893707789],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [bf40e088bfbd310582239c1d659fbc44],

Registry Values: 3
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [d52a0365176540f6993df08f788b2ad6]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0A2O0R1R1H2Z1S1G0H1F, , [bf40e088bfbd310582239c1d659fbc44]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1528555759-1161534989-3529426194-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [be41a1c782fac571b720641b1be8fc04]

Registry Data: 2
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://start.mysearc...cr=430031871=, Good: (www.google.com), Bad: (http://start.mysearc...bd3295039cc34cc]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.mysearc...cr=430031871=, Good: (www.google.com), Bad: (http://start.mysearc...c955d25669fae52]

Folders: 97
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\browser, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\browser\misc, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\newtab, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\external, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\icons, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\resources, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\favorites, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\info, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\ar, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\de, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\en, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\es, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\fr, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\he, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\it, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\ja, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\nl, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\pl, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\pt_BR, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\ru, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\tr, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales\en-US, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales\en-US, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\components, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\META-INF, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.Updater.A, C:\Documents and Settings\GARETH\Application Data\DigitalSites\UpdateProc, , [7b840d5b1765c57119827ec937cc8779],

Files: 554
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\mysearchdial-speeddial.crx, , [c23d4622a1dbb482a860c3bb659ef010],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\searchplugins\Mysearchdial.xml, , [af5084e4ea921c1adb9e2178d033c838],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\searchplugins\Mysearchdial.xml, , [43bc27410c70a393b4c55c3d50b331cf],
Rogue.Link, C:\Documents and Settings\GARETH\Desktop\free software.doc, , [ed12cb9d5329d4627a241ebada29bd43],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage, , [817e501891eb1c1a06abc01571935ca4],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\manifest.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\browser\background.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\browser\background.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\browser\misc\screenshot.inject.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_de.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_en_gb.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_en_us.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_fr.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_he.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_it.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_pt_br.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_ru.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\data\favorites_tr.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\crypto-js.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\jquery-2.0.2.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\jquery.autocomplete.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\jquery.balloon.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\jquery.fittext.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\jquery.Jcrop.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\jquery.simplecolorpicker.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\mustache.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\string.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\external\underscore-min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\newtab\gallery.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\newtab\gallery.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\newtab\newtab.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\newtab\newtab.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\newtab\search.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\content\newtab\search.min.js, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\external\foundation.min.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\external\indicator.gif, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\external\Jcrop.gif, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\external\jquery.autocomplete.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\external\jquery.Jcrop.min.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\external\jquery.simplecolorpicker.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\external\normalize.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\arrow-gallery-cat-selected.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\arrow.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\emptyArea.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\gallery.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\gallery_templates.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\icon-gallery-search.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\not_available_32.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\plus.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\gallery\X.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\icons\128.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\icons\16.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\icons\48.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\css\buttons.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\css\footer.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\css\header.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\css\list.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\css\newtab.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\css\search.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\css\themes.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\ajax-loader-2.gif, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\ajax-loader-bar.gif, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\ajax-loader-medium.gif, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\ajax-loader-small.gif, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\ajax-loader.gif, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\arrow-footer.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\arrow-header.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\attachment.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\close.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\edit-button.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\icon-chrome.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\icon-edit.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\icon-layout.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\icon-plus.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\icon-theme.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\menu_v.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\menu_v_white.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\provider.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\x-button.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\arab_tile.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\batthern_@2X.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\bo_play_pattern_@2X.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\dark_wood_@2X.jpg, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\diagonal_striped_brick.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\escheresque_ste_@2X.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\gold_scale.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\purty_wood_@2X.jpg, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\readme.txt, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\starring_@2X.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\weave_@2X.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\wild_oliva_@2X.jpg, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\images\patterns\woven.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\resources\list.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\newtab\resources\menu.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\activetabs.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\favorites.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\layout.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\modal-fav-add.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\modal-fav-edit.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\modal-fav-group.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\readitlater.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\recentlyclosed.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\theme.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\css\webapps.css, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome\bookmarks.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome\download.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome\downloads.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome\downloas.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome\extensions.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome\history.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome\settings.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\chrome\trash.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\favorites\empty.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\favorites\error.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\favorites\shadow.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\info\contactus.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\info\facebook.ico, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\info\rateus.png, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\images\info\twitter.ico, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\activetabs.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\favorites.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\layout.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\modal-fav-add.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\modal-fav-edit.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\modal-fav-group.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\readitlater.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\readitlater_content.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\readitlater_menu.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\recentlyclosed.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\theme.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\webapps.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\skin\plugins\resources\webapps_contextmenu.html, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\ar\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\de\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\en\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\es\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\fr\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\he\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\it\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\ja\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\nl\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\pl\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\pt_BR\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\ru\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySpeedDial.A, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.10.0_0\_locales\tr\messages.json, , [41be88e0b7c563d30017f03d8083f20e],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\chrome.manifest, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\install.rdf, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\.DS_Store, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\.background.jsm.swp, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\background.jsm, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\bg.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\browser.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\browser.xul, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\timer.jsm, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_de.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_en-gb.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_en_us.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_fr.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_he.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_it.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_pt-br.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_ru.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_tr.json, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\crypto-js.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery-2.0.2.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.autocomplete.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.balloon.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.fittext.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.Jcrop.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.simplecolorpicker.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\mustache.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\string.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\underscore-min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\gallery.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\gallery.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\newtab.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\newtab.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\search.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\search.min.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences\prefs-sys.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences\prefs.js, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\foundation.min.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\indicator.gif, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\Jcrop.gif, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.autocomplete.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.Jcrop.min.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.simplecolorpicker.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\normalize.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\arrow-gallery-cat-selected.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\arrow.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\emptyArea.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\gallery.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\gallery_templates.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\icon-gallery-search.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\not_available_32.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\plus.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\Thumbs.db, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\X.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\128.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\16.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\48.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\Thumbs.db, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\buttons.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\footer.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\header.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\list.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\newtab.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\search.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\themes.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-2.gif, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-bar.gif, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-medium.gif, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-small.gif, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader.gif, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\arrow-footer.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\arrow-header.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\attachment.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\close.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\edit-button.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-chrome.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-edit.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-layout.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-plus.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-theme.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\menu_v.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\provider.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\Thumbs.db, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\x-button.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\arab_tile.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\batthern_@2X.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\dark_wood_@2X.jpg, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\diagonal_striped_brick.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\escheresque_ste_@2X.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\gold_scale.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\purty_wood_@2X.jpg, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\readme.txt, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\starring_@2X.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\weave_@2X.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\woven.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources\list.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources\menu.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\activetabs.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\favorites.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\layout.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-add.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-edit.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-group.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\recentlyclosed.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\theme.css, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\bookmarks.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\download.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\downloads.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\downloas.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\extensions.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\history.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\settings.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\trash.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\empty.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\error.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\shadow.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\contactus.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\facebook.ico, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\rateus.png, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\twitter.ico, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\activetabs.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\favorites.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\layout.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-add.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-edit.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-group.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\recentlyclosed.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\theme.html, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales\en-US\translations.dtd, , [f30c0c5c0a72cf674e8ed956be4512ee],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\chrome.manifest, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\install.rdf, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\.DS_Store, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\.background.jsm.swp, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\background.jsm, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\bg.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\browser.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\browser.xul, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\timer.jsm, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_de.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_en-gb.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_en_us.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_fr.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_he.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_it.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_pt-br.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_ru.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_tr.json, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\crypto-js.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery-2.0.2.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.autocomplete.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.balloon.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.fittext.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.Jcrop.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.simplecolorpicker.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\mustache.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\string.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\underscore-min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\gallery.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\gallery.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\newtab.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\newtab.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\search.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\search.min.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences\prefs-sys.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences\prefs.js, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\foundation.min.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\indicator.gif, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\Jcrop.gif, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.autocomplete.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.Jcrop.min.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.simplecolorpicker.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\normalize.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\arrow-gallery-cat-selected.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\arrow.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\emptyArea.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\gallery.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\gallery_templates.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\icon-gallery-search.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\not_available_32.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\plus.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\Thumbs.db, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\X.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\128.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\16.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\48.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\Thumbs.db, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\buttons.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\footer.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\header.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\list.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\newtab.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\search.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\themes.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-2.gif, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-bar.gif, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-medium.gif, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-small.gif, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader.gif, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\arrow-footer.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\arrow-header.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\attachment.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\close.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\edit-button.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-chrome.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-edit.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-layout.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-plus.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-theme.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\menu_v.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\provider.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\Thumbs.db, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\x-button.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\arab_tile.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\batthern_@2X.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\dark_wood_@2X.jpg, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\diagonal_striped_brick.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\escheresque_ste_@2X.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\gold_scale.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\purty_wood_@2X.jpg, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\readme.txt, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\starring_@2X.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\weave_@2X.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\woven.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources\list.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources\menu.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\activetabs.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\favorites.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\layout.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-add.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-edit.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-group.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\recentlyclosed.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\theme.css, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\bookmarks.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\download.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\downloads.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\downloas.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\extensions.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\history.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\settings.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\trash.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\empty.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\error.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\shadow.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\contactus.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\facebook.ico, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\rateus.png, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\twitter.ico, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\activetabs.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\favorites.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\layout.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-add.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-edit.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-group.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\recentlyclosed.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\theme.html, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales\en-US\translations.dtd, , [3ac55b0d374556e0ba223ef138cbb947],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\chrome.manifest, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\install.rdf, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\components\FFDisp.dll, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\dpk.htm, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\hlprs.js, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\loader.xul, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\mtstart.js, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\mysearchdial.css, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\mysearchdial.xul, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\serp.js, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\tmplt.js, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\arwDwn.gif, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\closeo.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\help_16.gif, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\home.gif, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\icon_seperator.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\logo.PNG, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\privecy_16_hot.gif, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\sign.jpg, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\specialoffer.gif, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\tellafriend.gif, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ae.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\bg.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ch.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\cn.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\cz.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\de.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\eg.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\en.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\es.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\fr.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\gr.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\he.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\il.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\it.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ja.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\jp.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\nl.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\no.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\pl.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\pt.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ro.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ru.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\sa.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\se.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\sv.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\tr.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\ua.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\content\imgs\flgs\us.png, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\META-INF\manifest.mf, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\META-INF\zigbert.rsa, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\extensions\ffxtlbr@mysearchdial.com\META-INF\zigbert.sf, , [56a9aabe2f4d82b459840b2453b03dc3],
PUP.Optional.Updater.A, C:\Documents and Settings\GARETH\Application Data\DigitalSites\UpdateProc\config.dat, , [7b840d5b1765c57119827ec937cc8779],
PUP.Optional.Updater.A, C:\Documents and Settings\GARETH\Application Data\DigitalSites\UpdateProc\prod.dat, , [7b840d5b1765c57119827ec937cc8779],
PUP.Optional.Updater.A, C:\Documents and Settings\GARETH\Application Data\DigitalSites\UpdateProc\STTL.DAT, , [7b840d5b1765c57119827ec937cc8779],
PUP.Optional.Updater.A, C:\Documents and Settings\GARETH\Application Data\DigitalSites\UpdateProc\TTL.DAT, , [7b840d5b1765c57119827ec937cc8779],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.AL", 2), ,[4db254143b419b9bd1cbae0e709518e8]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ser Preferences

/* Do not edit this file.
*
* If ), ,[05fa1d4bf98395a1534918a4f90c6898]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (es

/* Do not edit this file.
*
* If you make changes to this file while the ap), ,[b04f0464e8947db92b713389f4111ae6]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (e.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make ), ,[3ec12e3a047862d45646ccf00005a45c]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ing,
* the changes will be overwritten when the app), ,[c936cb9dc5b7c670bce04a7213f22bd5]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ences

/* Do not edit this file.
*
* If you), ,[a25de97f1567e65049534e6e34d1b14f]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (eferences

/* Do not edit this file.
*
* If yo), ,[847b2b3d403c78beeab26c50e91cb64a]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (rences

/* Do not edit this file.
*
* If you), ,[718e6206186495a1c8d401bbb74e01ff]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ferences

/* Do not edit this file.
*
* If you), ,[fd02c2a67efed066f8a46d4f34d1738d]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (rences

/* Do not edit this file.
*
* If y), ,[04fbe286d0ac092df2aa1d9f60a52cd4]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (references

/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you ), ,[c13e82e69ce021158a12c4f86a9b837d]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (
* To make a manual change to preferences, you can visit th), ,[e31c78f02953e551ecb027954eb77b85]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (
/* Do not edit this file.
*
* If you make changes), ,[fd02c99f3b4174c2d0ccb60624e19868]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ces

/* Do not edit this file.
*
* If you ma), ,[7c83ff69710bc274207c2b91e4214db3]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ferences

/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can ), ,[857a07610b717cba37654f6d22e32fd1]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (* To make a manual change to preferences, you can visit the), ,[9a6543253e3ee74f84186c50ee1741bf]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (

/* Do not edit this file.
*
* If you make changes to t), ,[926dadbbdd9f72c4d4c8f0cc818448b8]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (
/* Do not edit this file.
*
* If you make changes to this ), ,[06f99acede9e40f63f5deecef0158878]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (* Do not edit this file.
*
* If you make changes), ,[e718e6824c30da5cabf1427a976e1ee2]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (rences

/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit t), ,[6f905414dd9f40f6029a59630104ec14]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (make a manual change to preferences, you can visit the), ,[52adc2a69fddec4abce0209c39cc59a7]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (nces

/* Do not edit this file.
*
* If you make c), ,[b847dc8c95e7c1759b010dafed18d42c]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ferences

/* Do not edit this file.
*
* If you ), ,[708f79efc9b3c76f29737e3eb154659b]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ences

/* Do not edit this file.
*
* If you make ), ,[9867e5834a321b1be0bc3a82e91cd22e]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (ces

/* Do not edit this file.
*
* If you make changes to t), ,[748b9fc9493389ad227a813bcd38817f]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://start.mysearc...cr=430031871="), ,[936c68001c60ca6c12bcb309a65fe719]
PUP.Optional.MySearch.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.aflt", "dsites0101"), ,[7f806404314b5adc0490e3d9db2a8e72]
PUP.Optional.MySearch.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (searchdial.hmpg", true);
user_pref("extensions.), ,[e817f870de9e0630b2e23983d13401ff]
PUP.Optional.MySearch.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ons.mysearchdial.hmpg", true);
user_pref("extensio), ,[c33c1f49324a13235a3a1aa27e8708f8]
PUP.Optional.MySearch.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...utDtDtCyC0EtAtD), ,[ce31ce9a64181f17c1d36f4db5504ab6]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpg", true), ,[39c694d433491422a6f72d8ff510ef11]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (sions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...FtCyDzytBtN1L1C), ,[817e581036460036d4c92894897c9070]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutD), ,[f20d73f57804c76f2677b20a22e36c94]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (s.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdia), ,[6b94e1871c601d19f4a909b3778e9967]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ial.hmpg", true);
user_pref("extensions.mysearchd), ,[18e7a9bf9ede93a3425ba21a4cb9966a]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ons.mysearchdial.hmpg", true);
user_pref("extensions), ,[23dc6bfd3b4195a1544908b4f510748c]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...tBtN1L1CzutDzyt), ,[bb44f2761963a6902578d6e62dd8c33d]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (zu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=430031871&ir=");
user_pref("extensions.mysearchdial.dfltSrch", true);
user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
user_pref("extensions.mysearchdial.dn), ,[44bbcc9c423a90a6623bdfddc540fe02]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=4), ,[eb14fb6d215b43f3a6f7417bb64fd32d]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (chdial.hmpg", true);
user_pref("extensions.mysearchdia), ,[76895c0cde9e90a6eab38636788db050]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ysearchdial.hmpg", true);
user_pref("extensions.mysea), ,[eb1473f5c7b573c3debfffbd14f1e51b]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (mysearchdial.hmpg", true);
user_pref("extensions.mysea), ,[2ad528402c500b2bdebf368610f552ae]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmp), ,[c23d2543b2ca3bfb9b023c80af56f10f]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (l.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl",), ,[2ed143252953c5714e4f17a5a95c0000]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (hdial.hmpg", true);
user_pref("extensions.mysearchdial.hmp), ,[916e5d0b621a92a43a637e3e1ce90ef2]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (rchdial.hmpg", true);
user_pref("extensions.mysearchdia), ,[1fe0c3a5c5b77bbbf9a43e7ecb3a5aa6]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (searchdial.hmpg", true);
user_pref("extensions.mysearc), ,[a55a3731fe7e43f36f2e28943dc8da26]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ysearchdial.hmpg", true);
user_pref("extensions.mys), ,[1de291d793e932044d50aa12788dba46]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (s.mysearchdial.hmpg", true);
user_pref("extension), ,[27d85513611b9d99a7f6e0dca65f40c0]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ons.mysearchdial.hmpg", true);
user_pref("extens), ,[28d7a4c4fe7e61d5dfbedfddf90c2dd3]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (ions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http:/), ,[4cb36bfd1d5fdd595746c1fb17eef50b]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (r_pref("extensions.mysearchdial.hmpgUrl", "http://st), ,[5da2165291eb60d61b82e7d53fc6be42]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...DtDtCyC0EtAtDtA), ,[ec1373f51666191da0fd1f9d70957987]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtC), ,[02fd57117a02092d019c6c5055b00ff1]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...cr=430031871="), ,[bf405216eb9115211c826f4ddc295da3]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: ("Mysearchdial");
user_pref("extensions.mysearchdial.dnsErr", true);
user_pref("extensions.mysearchdial_i.newTab", false);
user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearc...01&cd=2XzuyEtN2), ,[b649006888f4fa3cf1adb80444c15da3]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js, Good: (), Bad: (L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=430031871&ir=");
user_pref("extensions.mysearchdial.dfltSrch", true);
user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdia), ,[57a8cd9bff7d5adcacf27a4235d07987]
PUP.Optional.MySearchDial, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "search_url": "http://start.mysearc...cr=430031871=",), ,[c43b2c3ca1dba98d951604b7a0656c94]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://start.mysearc...cr=430031871="), ,[659afc6caece0036b31bcbf130d536ca]
PUP.Optional.MySearch.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.aflt", "dsites0101"), ,[6d92412799e30a2c0f851aa2768f46ba]
PUP.Optional.MySearch.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (searchdial.hmpg", true);
user_pref("extensions.), ,[07f80e5a7ffdbd79e0b4cfed46bfce32]
PUP.Optional.MySearch.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ons.mysearchdial.hmpg", true);
user_pref("extensio), ,[04fbc2a61468c571177dc6f648bd11ef]
PUP.Optional.MySearch.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...utDtDtCyC0EtAtD), ,[30cf90d8fa822d09355fc6f6a85d8977]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpg", true), ,[1ee1c8a0e29aae889607d3e9719433cd]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (sions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...FtCyDzytBtN1L1C), ,[df20f177bdbf4de9930a972545c00ff1]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutD), ,[a55a80e8730903332a738b3128dd6997]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (s.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdia), ,[6a9591d75c2036007b227e3e8f762ed2]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ial.hmpg", true);
user_pref("extensions.mysearchd), ,[669992d67a0278bee6b78d2f44c1926e]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ons.mysearchdial.hmpg", true);
user_pref("extensions), ,[b54a21476a1256e00d90f0cc82839c64]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...tBtN1L1CzutDzyt), ,[d629e97f5824a98d1d80e0dc3cc9d729]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (zu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=430031871&ir=");
user_pref("extensions.mysearchdial.dfltSrch", true);
user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
user_pref("extensions.mysearchdial.dn), ,[9a650e5a423ad561019c3488b64f1be5]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=4), ,[14eb2e3a06760630bbe2d5e77d8859a7]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (chdial.hmpg", true);
user_pref("extensions.mysearchdia), ,[ef10a9bf87f5e84ee2bb6b51ef16bc44]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ysearchdial.hmpg", true);
user_pref("extensions.mysea), ,[1de2fb6dd3a92f077726ae0e1ee743bd]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (mysearchdial.hmpg", true);
user_pref("extensions.mysea), ,[26d983e5c5b748eebde0b606f90c35cb]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmp), ,[44bb63050f6d989e6736952726dfcc34]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (l.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl",), ,[3bc46dfbdd9f5dd9d4c9665675907f81]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (hdial.hmpg", true);
user_pref("extensions.mysearchdial.hmp), ,[fb04c3a59ce050e61786a3191fe6e21e]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (rchdial.hmpg", true);
user_pref("extensions.mysearchdia), ,[3ac53731fa8221150c9119a3e0254fb1]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (searchdial.hmpg", true);
user_pref("extensions.mysearc), ,[46b9e08882fa61d52d709e1eef160df3]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ysearchdial.hmpg", true);
user_pref("extensions.mys), ,[d02fea7e28541e18d5c886367a8b2cd4]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (s.mysearchdial.hmpg", true);
user_pref("extension), ,[a857ff69c0bcc86e7924c6f6e71ebe42]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ons.mysearchdial.hmpg", true);
user_pref("extens), ,[609fcf993349a6905d40c6f6a263639d]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (ions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http:/), ,[03fcef7993e981b58c11417b4fb645bb]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (r_pref("extensions.mysearchdial.hmpgUrl", "http://st), ,[a45b4c1c126a9b9b7e1f289423e2ca36]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...DtDtCyC0EtAtDtA), ,[41be32364438bf77f4a94874df261de3]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtC), ,[dc2340283646b482c3da05b70005b848]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearc...cr=430031871="), ,[d12ecf99a4d84fe717872c901ee707f9]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: ("Mysearchdial");
user_pref("extensions.mysearchdial.dnsErr", true);
user_pref("extensions.mysearchdial_i.newTab", false);
user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearc...01&cd=2XzuyEtN2), ,[f30c6800b6c6e3531886526a60a516ea]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js, Good: (), Bad: (L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=430031871&ir=");
user_pref("extensions.mysearchdial.dfltSrch", true);
user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdia), ,[ff0000687b0194a2811ddbe16d9807f9]

Physical Sectors: 0
(No malicious items detected)

(end)

Advertisements

Register to Remove

#2 OCD

SuperHelper

Malware Team
5,574 posts

Posted 03 January 2015 - 08:55 PM

Hi BarryA,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

Disable FireFox plug-in

At the top of the Firefox window, click on the Firefox button (Tools menu in Windows XP), and then click Add-ons. The Add-ons Manager tab will open.
In the Add-ons Manager tab, select the Extensions or Appearance panel.
Select the add-on you wish to disable.
- MySearchDial NewTab
Click the Disable button.
Click Restart now if it pops up. Your tabs will be saved and restored after the restart.

=========================

Disable Plug-ins in Google Chrome

Click the Chrome menu on the browser toolbar.
Select Settings
Locate the Extensions
Locate the following extension and select the mini garbage can (Remove from Chrome):
- MySearchDial
Exit Chrome settings menu.

=========================

Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

Update for Zip Opener

=========================

FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt

Start
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...cr=430031871=
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://start.mysearc...cr=430031871=" <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...cr=430031871=
SearchScopes: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...cr=430031871=
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
Toolbar: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF DefaultSearchEngine: Mysearchdial
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SelectedSearchEngine: Mysearchdial
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=430031871&ir=
FF Extension: MySearchDial NewTab - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-01-16]
CHR Extension: (MySearchDial) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-01-31]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\GARETH\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-01-16]
CHR HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\GARETH\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-01-16]
Update for Zip Opener (HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Digital Sites) (Version:  - Update for Zip Opener) <==== ATTENTION
EmptyTemp:
CMD: ipconfig /flushdns

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

AdwCleaner v3: Scan & Clean

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

Junkware Removal Tool

Download Junkware Removal Tool to your desktop.

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

=========================

Reboot

=========================

Re-run Farbar Recovery Scan Tool it should be on your desktop.

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

Fixlog.txt
AdwCleaner[S0].txt
JRT.txt
New FRST.txt
How is the computer running at the moment?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#3 BarryA

Authentic Member

Authentic Member
89 posts

Posted 04 January 2015 - 02:09 PM

Hello OCD

Many thanks for helping me with a clean up.

Please note that I do not currently have Google Chrome on my computer although did have, so it must be finding evidence of that.

Also do not have Zip Opener Update although it's title was still in Control Panel - but is now removed.

AdwareCleaner now appears to be version 4.1.0.6 which I used.

When re-opening MS Outlook after running tools, I had a Runtime Error message as follows:

Microsoft Visual C ++ Runtime Library

Runtime Error

Program: C/Program Files/MicrosoftOffice/Office11/Outlook.exe

has last requested to terminate Outlook in an unusual way

( I clicked OK and opened Outlook, but am unsure what has happened)

Regards BarryA

Here are the logs requested after running tools:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-01-2015
Ran by GARETH at 2015-01-04 17:51:08 Run:1
Running from C:\Documents and Settings\GARETH\Desktop
Loaded Profile: GARETH (Available profiles: GARETH & ROB & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...cr=430031871=
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://start.mysearc...cr=430031871=" <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://start.mysearc...cr=430031871=
SearchScopes: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...cr=430031871=
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-1528555759-1161534989-3529426194-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF DefaultSearchEngine: Mysearchdial
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SelectedSearchEngine: Mysearchdial
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=430031871&ir=
FF Extension: MySearchDial NewTab - C:\Documents and
Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-01-16]
CHR Extension: (MySearchDial) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-01-31]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\GARETH\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-01-16]
CHR HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\GARETH\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-01-16]
Update for Zip Opener (HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Digital Sites) (Version: - Update for Zip Opener) <==== ATTENTION
EmptyTemp:
CMD: ipconfig /flushdns

*****************

"HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
http://start.mysearc...cr=430031871= => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} => value deleted successfully.
HKCR\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} => Key not found.
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox DefaultSearchUrl deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
FF Extension: MySearchDial NewTab - C:\Documents and => not found.
Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-01-16] => Error: No automatic fix found for this entry.
C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff" => Key deleted successfully.
C:\DOCUME~1\GARETH\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx => Moved successfully.
"HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff" => Key deleted successfully.
"C:\DOCUME~1\GARETH\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx" => File/Directory not found.
Update for Zip Opener (HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Digital Sites) (Version: - Update for Zip Opener) <==== ATTENTION => Error: No automatic fix found for this entry.

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => Removed 245.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog 17:52:20 ====

*********************************

# AdwCleaner v4.106 - Report created 04/01/2015 at 18:35:27
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : GARETH - ROBLAPTOP
# Running from : C:\Documents and Settings\GARETH\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : ACS

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\GARETH\Application Data\blekko
Folder Deleted : C:\Documents and Settings\GARETH\Application Data\DigitalSites
Folder Deleted : C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\Extensions\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Folder Deleted : C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
File Deleted : C:\WINDOWS\system32\acs.exe
File Deleted : C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\user.js
File Deleted : C:\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\user.js
File Deleted : C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SecuredDownload
Key Deleted : HKLM\SOFTWARE\mysearchdial
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mysearchdial

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v2.0.0.6 (en-US)

[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.aflt", "dsites0101");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.cr", "430031871");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.irmysearch.instlRef", "");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.AL", 2);
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.aflt", "dsites0101");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.cr", "430031871");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.hmpg", true);
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1Czut[...]
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.id", "0016E303F850B7FA");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.instlDay", "16086");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.instlRef", "");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1Cz[...]
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1[...]
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[8pnurqgc.default\prefs.js] - Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.09:40:14");
[pjrd4kmj.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtC[...]
[pjrd4kmj.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
[pjrd4kmj.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

-\\ Google Chrome v

[C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=3449CAADAFF8501E310614508EACCAAF&q={searchTerms}
[C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtCyC0EtAtDtA0FzzyDtD0ByB0F0AtN0D0Tzu0SyByEyCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=430031871&ir=
[C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pflphaooapbgpeakohlggbpidpppgdff

*************************

AdwCleaner[R0].txt - [8658 octets] - [04/01/2015 18:05:19]
AdwCleaner[S0].txt - [9016 octets] - [04/01/2015 18:35:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9076 octets] ##########

***************************

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Microsoft Windows XP x86
Ran by GARETH on 04/01/2015 at 18:56:28.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

~~~ Files

Successfully deleted: [File] "C:\WINDOWS\wininit.ini"

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\GARETH\Application Data\mozilla\firefox\profiles\8pnurqgc.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBooks", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBooks\" t
user_pref("google.toolbar.button_option.cached.gtbSearchCalendar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchCalend
user_pref("google.toolbar.button_option.cached.gtbSearchDocs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchDocs\" too
user_pref("google.toolbar.button_option.cached.gtbSearchFinance", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchFinance
user_pref("google.toolbar.button_option.cached.gtbSearchPatents", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPatents
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbSearchVideo", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchVideo\" t
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAIAEBAAAAEAIABoBAAAJgAAACAgAAABACAAqBAAAI4EAAAoAAAAEAAAACAAAAABACAAAAAAAAAEAAASCwAAEgsAAAAAAAAAAAAA9IVCS

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/01/2015 at 19:03:12.65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

******************************

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2015
Ran by GARETH (administrator) on ROBLAPTOP on 04-01-2015 19:20:10
Running from C:\Documents and Settings\GARETH\Desktop
Loaded Profile: GARETH (Available profiles: GARETH & ROB & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
() C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(TOSHIBA Inc.) C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
() C:\WINDOWS\system32\CmWatch.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\Toshiba.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSBattM.exe
(TOSHIBA) C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
(Mortal Universe) C:\Program Files\POP Peeper\POPPeeper.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPSMain] => C:\WINDOWS\system32\TPSMain.exe [266240 2006-02-08] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [118784 2005-05-12] (TOSHIBA Corporation)
HKLM\...\Run: [CFSServ.exe] => CFSServ.exe -NoClient
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [Toshiba Hotkey Utility] => C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe [1589248 2006-01-28] (TOSHIBA Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761945 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [CmCardRun] => C:\WINDOWS\system32\CmWatch.exe [229376 2003-09-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2005-04-11] (TOSHIBA)
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Run: [POP Peeper] => C:\Program Files\POP Peeper\POPPeeper.exe [1609728 2011-08-18] (Mortal Universe)
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\...\Policies\Explorer: [NoDriveAutoRun] 0xFFFFFFFF
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk
ShortcutTarget: Service Manager.lnk -> C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\GARETH\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
ShortcutTarget: Microsoft Office OneNote 2003 Quick Launch.lnk -> C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\ROB\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
ShortcutTarget: Microsoft Office OneNote 2003 Quick Launch.lnk -> C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKU\S-1-5-21-1528555759-1161534989-3529426194-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {206E52E0-D52E-11D4-AD54-0000E86C26F6} -> C:\Program Files\FreshDevices\FreshDownload\fdcatch.dll (FreshDevices Corp.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\Program Files\FreshDevices\FreshDownload\fdiebar.dll (FreshDevices Corp.)
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1395059582562
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npfd.dll (FreshDevices Corp.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Lavasoft Search Plugin - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2012-10-29]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2015-01-04]
FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-07-05]
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2006-07-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-02-24]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-09-10]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011-09-10]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} [2012-05-29]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-07]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-01-24]
FF StartMenuInternet: FIREFOX.EXE - C:\PROGRA~1\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
CHR Extension: (Google Drive) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31]
CHR Extension: (YouTube) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-13]
CHR Extension: (Google Search) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-13]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-03]
CHR Extension: (Google Wallet) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (Gmail) - C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-11-21] (AVAST Software)
R2 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [166520 2008-03-19] ()
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2005-01-17] (TOSHIBA CORPORATION) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MSSQL$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe [9150464 2005-05-03] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [73728 2005-05-03] (Microsoft Corporation) [File not signed]
S3 SQLAgent$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE [323584 2005-05-03] (Microsoft Corporation) [File not signed]
R2 Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [51816 2008-03-19] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-04 19:03 - 2015-01-04 19:03 - 00003044 _____ () C:\Documents and Settings\GARETH\Desktop\JRT.txt
2015-01-04 18:56 - 2015-01-04 18:56 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-04 18:54 - 2015-01-04 18:54 - 01707939 _____ (Thisisu) C:\Documents and Settings\GARETH\Desktop\JRT.exe
2015-01-04 18:46 - 2015-01-04 18:46 - 00009156 _____ () C:\Documents and Settings\GARETH\Desktop\AdwCleaner[S0].txt
2015-01-04 18:05 - 2015-01-04 18:35 - 00000000 ____D () C:\AdwCleaner
2015-01-04 18:04 - 2015-01-04 18:04 - 02173952 _____ () C:\Documents and Settings\GARETH\Desktop\AdwCleaner.exe
2015-01-02 21:00 - 2015-01-02 21:01 - 00024573 _____ () C:\Documents and Settings\GARETH\Desktop\Addition.txt
2015-01-02 20:59 - 2015-01-04 19:20 - 00018268 _____ () C:\Documents and Settings\GARETH\Desktop\FRST.txt
2015-01-02 20:56 - 2015-01-04 19:20 - 00000000 ____D () C:\FRST
2015-01-02 20:55 - 2015-01-02 20:56 - 01115136 _____ (Farbar) C:\Documents and Settings\GARETH\Desktop\FRST.exe
2015-01-02 20:43 - 2015-01-03 13:08 - 00002050 _____ () C:\Documents and Settings\GARETH\Desktop\aswMBR.log
2015-01-02 20:43 - 2015-01-02 20:43 - 00000512 _____ () C:\Documents and Settings\GARETH\Desktop\MBR.dat
2015-01-02 20:31 - 2015-01-02 20:31 - 05198336 _____ (AVAST Software) C:\Documents and Settings\GARETH\Desktop\aswMBR.exe
2014-12-30 18:00 - 2014-12-30 18:01 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-30 18:00 - 2014-12-30 18:00 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-30 18:00 - 2014-12-30 18:00 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-30 18:00 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-13 19:27 - 2014-12-13 19:27 - 00000000 ____D () C:\Documents and Settings\All Users\Foxit Software
2014-12-13 19:26 - 2014-12-13 19:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-04 19:20 - 2006-07-27 08:18 - 00000000 ____D () C:\Documents and Settings\GARETH\Local Settings\Temp
2015-01-04 19:18 - 2006-02-15 14:24 - 01977426 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-04 19:17 - 2006-02-15 14:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-04 19:17 - 2006-02-15 14:20 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-04 19:17 - 2006-02-15 14:20 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-01-04 19:16 - 2010-09-15 12:48 - 00000000 ____D () C:\Documents and Settings\GARETH\Application Data\POP Peeper
2015-01-04 19:16 - 2006-07-27 08:18 - 00000278 ___SH () C:\Documents and Settings\GARETH\ntuser.ini
2015-01-04 19:16 - 2006-02-15 14:29 - 00032354 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-04 18:45 - 2012-04-16 10:31 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-04 18:40 - 2006-02-15 14:29 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2015-01-04 18:02 - 2012-08-05 19:08 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-01-04 17:46 - 2012-05-25 11:50 - 00140563 _____ () C:\WINDOWS\system32\English
2015-01-04 17:39 - 2006-07-27 08:18 - 00000000 ____D () C:\Documents and Settings\GARETH
2015-01-04 17:16 - 2013-08-14 19:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Google
2015-01-04 17:16 - 2010-07-05 10:41 - 00000000 ____D () C:\Documents and Settings\GARETH\Local Settings\Application Data\Google
2015-01-03 20:07 - 2013-10-14 15:17 - 00000424 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{E3CB84DD-4309-468E-B967-A2F4E33CA2E1}.job
2014-12-30 18:00 - 2013-04-19 10:58 - 00000000 ____D () C:\Documents and Settings\GARETH\Application Data\Malwarebytes
2014-12-30 18:00 - 2013-04-19 10:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-12-30 17:44 - 2012-05-29 12:07 - 3898688512 _____ () C:\Documents and Settings\GARETH\Desktop\Outlook backup.pst
2014-12-21 09:34 - 2014-01-30 13:29 - 00000000 ____D () C:\Documents and Settings\GARETH\Desktop\New Folder
2014-12-19 12:16 - 2012-10-04 17:02 - 00415232 ___SH () C:\Documents and Settings\GARETH\Desktop\Thumbs.db
2014-12-19 09:33 - 2006-02-15 14:11 - 00000000 ____D () C:\WINDOWS\Help
2014-12-18 10:09 - 2012-10-05 10:46 - 00008769 _____ () C:\Documents and Settings\GARETH\English
2014-12-11 11:51 - 2012-04-16 10:31 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-11 11:51 - 2011-05-13 23:23 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Documents and Settings\GARETH\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\GARETH\Local Settings\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

==================== End Of Log ============================

#4 OCD

SuperHelper

Malware Team
5,574 posts

Posted 05 January 2015 - 01:04 AM

Hi BarryA,

Let me know if you continue to get the Runtime Error.

Malwarebytes' Anti-Malware

Download Malwarebytes' Anti-Malware (save it to your desktop).

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Select Scan tab.
Select type of scan to perform:
- Threat Scan < --- Select this type of scan
- Custom Scan
- Hyper Scan
Next click the Scan button.
When the scan is complete, if no malicious items are found you can close the program.
If malicious items are found be sure that everything is checked, and click Quarantine .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

=========================

ESET Online Scanner

*Note:

It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.

** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)

Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply

Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.

=========================

In your next post please provide the following:

MBAM log
ESET's log.txt
How's the computer running, any symptoms?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#5 BarryA

Authentic Member

Authentic Member
89 posts

Posted 05 January 2015 - 02:34 PM

Hi OCD

Tools run and logs included below.

Outlook would not open first attempt, but after that ok, I will track this to see if any problem continues.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 05/01/2015
Scan Time: 17:40:21
Logfile: MBR 2.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.05.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: GARETH

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 387704
Time Elapsed: 23 min, 31 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.MySearchDial.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [c8043db653362e080716756c2ed45ba5],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
Rogue.Link, C:\Documents and Settings\GARETH\Desktop\free software.doc, Quarantined, [4389559e4d3c61d50e9c3ba20cf77a86],
PUP.Optional.MySearchDial, C:\Documents and Settings\GARETH\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "search_url": "http://start.mysearc...cr=430031871=",), Replaced,[9c30c1323d4c043247e4546e33d2758b]

Physical Sectors: 0
(No malicious items detected)

(end)

**************************

C:\AdwCleaner\Quarantine\C\Documents and Settings\GARETH\Application Data\Mozilla\Firefox\Profiles\8pnurqgc.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe.vir a variant of Win32/Toolbar.Visicom.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\ROB\Application Data\Mozilla\Firefox\Profiles\pjrd4kmj.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe.vir a variant of Win32/Toolbar.Visicom.C potentially unwanted application deleted - quarantined
C:\Documents and Settings\GARETH\Application Data\Sun\Java\Deployment\cache\6.0\25\3a3f8819-58d2b0a7 Java/TrojanDownloader.OpenConnection.AP trojan cleaned by deleting - quarantined
C:\Documents and Settings\GARETH\Application Data\Sun\Java\Deployment\cache\6.0\62\676fa43e-54ed8bb0 Java/Exploit.Agent.AH trojan cleaned by deleting - quarantined
C:\Documents and Settings\GARETH\My Documents\Downloads\hamsterfreevideoconverter1.exe Win32/Toolbar.Zugo potentially unwanted application deleted - quarantined
C:\Documents and Settings\GARETH\My Documents\Downloads\SoftonicDownloader14297.exe Win32/SoftonicDownloader.A potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{243E970E-7040-40E2-8847-8FA14374895C}\RP1681\A0137894.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application deleted - quarantined
C:\System Volume Information\_restore{243E970E-7040-40E2-8847-8FA14374895C}\RP1681\A0137895.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application deleted - quarantined

#6 OCD

SuperHelper

Malware Team
5,574 posts

Posted 06 January 2015 - 01:12 AM

Hi BarryA,

Re- run AdwCleaner

It should be on your desktop

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S1].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

Re-run Farbar Recovery Scan Tool it should be on your desktop.

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Select the Addition box
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
It will also make (Addition.txt). Please attach it to your reply

=========================

In your next post please provide the following:

AdwCleaner[S1].txt
new FRST.txt
Addition.txt
How is the computer running?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#7 BarryA

Authentic Member

Authentic Member
89 posts

Posted 06 January 2015 - 08:47 AM

Hi OCD

ADWCleaner ran but nothing found, so no log was created.

New FRST and Addition logs below:

Computer appears to run ok, but will have to monitor for a few days to see if anything shows up.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2015
Ran by GARETH (administrator) on ROBLAPTOP on 06-01-2015 14:20:41
Running from C:\Documents and Settings\GARETH\Desktop
Loaded Profile: GARETH (Available profiles: GARETH & ROB & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
() C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(TOSHIBA Inc.) C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\WINDOWS\system32\CmWatch.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\Toshiba.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSBattM.exe
(TOSHIBA) C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
(Mortal Universe) C:\Program Files\POP Peeper\POPPeeper.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE