I have to paste the last report as a reply because it exceeded the limit.
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.10.29.02
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Jeff :: JEFFKINCAIDE-HP [administrator]
Protection: Enabled
10/28/2013 9:23:15 PM
mbam-log-2013-10-28 (21-23-15).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 279452
Time elapsed: 13 minute(s), 39 second(s)
Memory Processes Detected: 2
C:\Program Files (x86)\Lizardlink\updateLizardlink.exe (PUP.Optional.Lizardlink.A) -> 1176 -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin\utilLizardlink.exe (PUP.Optional.Lizardlink.A) -> 2160 -> Delete on reboot.
Memory Modules Detected: 1
C:\Program Files (x86)\Lizardlink\bin\sqlite3.dll (PUP.Optional.Lizardlink.A) -> Delete on reboot.
Registry Keys Detected: 21
HKLM\SYSTEM\CurrentControlSet\Services\Update Lizardlink (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Util Lizardlink (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{eb9e4cdf-b007-450c-b0af-b66467c3d6e0} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{81b7413c-f330-42d5-9cfc-0ecdf03d8c37} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCR\Interface\{17F7D2B4-126F-4567-9FDB-563C2D907A92} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB9E4CDF-B007-450C-B0AF-B66467C3D6E0} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB9E4CDF-B007-450C-B0AF-B66467C3D6E0} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB9E4CDF-B007-450C-B0AF-B66467C3D6E0} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6C6DB83A-17C1-695F-BEF5-BBB19BEFE5D2} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F21FB37B-1802-2BE5-EB92-6799C27CED5A} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCU\Software\Lizardlink (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Lizardlink (PUP.Optional.LizardLink.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.ConduitSearchProtect) -> Data: C:\Users\Jeff\AppData\Roaming\SearchProtect\bin\cltmng.exe -> Quarantined and deleted successfully.
HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: http://search.conduit.com?SearchSource=10&CUI=UN40720457828009228&UM=2&ctid=CT3279412 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 34
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin\plugins (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\update (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\data (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
Files Detected: 129
C:\Program Files (x86)\Lizardlink\updateLizardlink.exe (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin\utilLizardlink.exe (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\LizardlinkBHO.dll (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\ProgramData\InstallMate\{CD0E6926-EAE8-4F72-AD99-A2CA16ED4BD0}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\{CD0E6926-EAE8-4F72-AD99-A2CA16ED4BD0}\TsuDll.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\{D1D04F86-4B11-47B4-A55F-03330A336D70}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\{D1D04F86-4B11-47B4-A55F-03330A336D70}\TsuDll.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\SAVenshare\6PNuz.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\saVVensharE,\G7IX5d.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\I7Z.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\LerP.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\DC69.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nsa6347.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nsf4243.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nskD0.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nsv7E49.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nsvF3A4.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nszEE56.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\~tmf4557747700770327005.tmp (Malware.Packer.ORPC) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\~tmp1664241081370545838.tmp (Trojan.Downloader.ED) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\00294823\G7IX5d.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\18be6784\LerP.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\2cd672ae\I7Z.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\4ae13d6c\6PNuz.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\updateLizardlink.InstallState (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\jainjonnknhmbbkibcbmhihbopigapdm.crx (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\Lizardlink.Common.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\Lizardlink.ico (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\LizardlinkOPC.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\Lizardlinkozr.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\LizardlinkUninstall.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\Microsoft.Win32.TaskScheduler.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\sqlite3.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\bin\sqlite3.dll (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin\utilLizardlink.InstallState (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\bin\plugins\Lizardlink.FFUpdate.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\bin\plugins\Lizardlink.GCUpdate.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\bin\plugins\Lizardlink.IEUpdate.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\update\jhgrcbtl.vip.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\7I.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\7I.tlb (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\HJH.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\HJH.tlb (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\I7Z.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\LerP.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\data\SearchNewTab.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\CT3279412.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\CT3279412.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\initData.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16766
Run by Jeff at 22:24:40 on 2013-10-28
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3835.2350 [GMT -7:00]
.
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atibtmon.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
C:\Users\Jeff\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Jeff\AppData\Roaming\Verizon\UA_ar\UA.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://companyweb
mStart Page = hxxp://websearch.oversearch.info/?pid=1142&r=2013/09/22&hid=2633555111547171315&lg=EN&cc=US&unqvl=36
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [HLBackupScheduler] C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
uRun: [SanDiskSecureAccess_Manager.exe] C:\Users\Jeff\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN35JBXHH805KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Tv-Plug-In] "C:\Program Files (x86)\Tv-Plug-In\Tv-Plug-In.exe" nogui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\Jeff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Jeff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERIZO~1.LNK - C:\Users\Jeff\AppData\Roaming\Verizon\UA_ar\UA.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NKBMON~1.LNK - C:\Program Files (x86)\Nikon\PictureProject\NkbMonitor.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoWelcomeScreen = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} - hxxp://rv2900/connectcomputer/nshelp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\14C6C676C61637370274C6F62616C6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\256502143737F6369616475637 : DHCPNameServer = 10.1.0.100
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\353484D29453335303331444 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\4456E6E6973775966496 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\75843494D27457563747D276E6 : DHCPNameServer = 172.16.1.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\B496E63616964656D27657563747 : DHCPNameServer = 192.168.3.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\s2vyjo4m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.oversearch.info/?pid=1142&r=2013/09/22&hid=2633555111547171315&lg=EN&cc=US&unqvl=36&l=1&q=
FF - prefs.js: browser.search.selectedEngine - WebSearch
FF - prefs.js: browser.startup.homepage - hxxp://websearch.oversearch.info/?pid=1142&r=2013/09/22&hid=2633555111547171315&lg=EN&cc=US&unqvl=36
FF - prefs.js: keyword.URL - hxxp://websearch.oversearch.info/?pid=1142&r=2013/09/22&hid=2633555111547171315&lg=EN&cc=US&unqvl=36&l=1&q=
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - ExtSQL: !HIDDEN! 2010-01-17 05:54; xfpnxmwgmc@xfpnxmwgmc.org; C:\Users\Jeff\Application Data\Mozilla\Firefox\Profiles\s2vyjo4m.default\extensions\xfpnxmwgmc@xfpnxmwgmc.org.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-26 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-9-26 205320]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-10-21 28184]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2013-10-21 447888]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-26 1032416]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-26 409832]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-3-11 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-3-11 202752]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-26 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-26 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-21 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-10-21 179088]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-8-2 32880]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-3-11 245792]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-11 347680]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-3-11 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-28 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-28 701512]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-6-4 103448]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-28 25928]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-2 227232]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
S3 NisSrv;NisSrv;"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" --> c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [?]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssmirrdr;ssmirrdr;C:\Windows\System32\drivers\ssmirrdr.sys [2011-3-14 10112]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-6-4 203672]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-12 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-10-29 04:54:23 -------- d-----w- C:\Users\Jeff\AppData\Local\{94B570CF-0AEA-4EEE-A58A-4A9708C4D85E}
2013-10-29 04:21:51 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Malwarebytes
2013-10-29 04:21:32 -------- d-----w- C:\ProgramData\Malwarebytes
2013-10-29 04:21:31 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-29 04:21:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-29 04:19:36 -------- d-----w- C:\Users\Jeff\AppData\Local\Programs
2013-10-21 15:31:01 -------- d-----w- C:\Users\Jeff\AppData\Roaming\AVAST Software
2013-10-21 14:24:00 270824 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2013-10-21 14:23:59 131232 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2013-10-21 14:23:57 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-10-21 14:23:52 447888 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2013-10-21 13:56:28 -------- d-----w- C:\Users\Jeff\AppData\Local\{391E0C8C-388A-48F5-9ED2-3318B17CD0AD}
2013-10-15 16:05:00 -------- d-----w- C:\Users\Jeff\AppData\Local\{80663235-57E7-4CF4-A9D2-14DF7378321F}
2013-10-02 23:37:35 -------- d-----w- C:\Users\Jeff\AppData\Local\{4613605E-A9C9-4E2E-9F08-CFF032DF2A1A}
.
==================== Find3M ====================
.
2013-10-21 14:37:40 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-10-21 14:37:40 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-10-21 14:37:40 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-10-21 14:37:40 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-10-21 14:37:39 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-10-21 14:37:37 43152 ----a-w- C:\Windows\avastSS.scr
2013-10-09 16:03:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 16:03:44 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 22:26:15.66 ===============
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.10.29.02
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Jeff :: JEFFKINCAIDE-HP [administrator]
Protection: Enabled
10/28/2013 9:23:15 PM
mbam-log-2013-10-28 (21-23-15).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 279452
Time elapsed: 13 minute(s), 39 second(s)
Memory Processes Detected: 2
C:\Program Files (x86)\Lizardlink\updateLizardlink.exe (PUP.Optional.Lizardlink.A) -> 1176 -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin\utilLizardlink.exe (PUP.Optional.Lizardlink.A) -> 2160 -> Delete on reboot.
Memory Modules Detected: 1
C:\Program Files (x86)\Lizardlink\bin\sqlite3.dll (PUP.Optional.Lizardlink.A) -> Delete on reboot.
Registry Keys Detected: 21
HKLM\SYSTEM\CurrentControlSet\Services\Update Lizardlink (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Util Lizardlink (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{eb9e4cdf-b007-450c-b0af-b66467c3d6e0} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{81b7413c-f330-42d5-9cfc-0ecdf03d8c37} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCR\Interface\{17F7D2B4-126F-4567-9FDB-563C2D907A92} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB9E4CDF-B007-450C-B0AF-B66467C3D6E0} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB9E4CDF-B007-450C-B0AF-B66467C3D6E0} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB9E4CDF-B007-450C-B0AF-B66467C3D6E0} (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6C6DB83A-17C1-695F-BEF5-BBB19BEFE5D2} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F21FB37B-1802-2BE5-EB92-6799C27CED5A} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCU\Software\Lizardlink (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Lizardlink (PUP.Optional.LizardLink.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.ConduitSearchProtect) -> Data: C:\Users\Jeff\AppData\Roaming\SearchProtect\bin\cltmng.exe -> Quarantined and deleted successfully.
HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: http://search.conduit.com?SearchSource=10&CUI=UN40720457828009228&UM=2&ctid=CT3279412 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 34
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin\plugins (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\update (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\data (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
Files Detected: 129
C:\Program Files (x86)\Lizardlink\updateLizardlink.exe (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin\utilLizardlink.exe (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\LizardlinkBHO.dll (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\ProgramData\InstallMate\{CD0E6926-EAE8-4F72-AD99-A2CA16ED4BD0}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\{CD0E6926-EAE8-4F72-AD99-A2CA16ED4BD0}\TsuDll.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\{D1D04F86-4B11-47B4-A55F-03330A336D70}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\{D1D04F86-4B11-47B4-A55F-03330A336D70}\TsuDll.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\SAVenshare\6PNuz.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\saVVensharE,\G7IX5d.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\I7Z.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\LerP.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\DC69.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nsa6347.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nsf4243.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nskD0.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nsv7E49.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nsvF3A4.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\nszEE56.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\~tmf4557747700770327005.tmp (Malware.Packer.ORPC) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\~tmp1664241081370545838.tmp (Trojan.Downloader.ED) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\00294823\G7IX5d.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\18be6784\LerP.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\2cd672ae\I7Z.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\4ae13d6c\6PNuz.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\updateLizardlink.InstallState (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\jainjonnknhmbbkibcbmhihbopigapdm.crx (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\Lizardlink.Common.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\Lizardlink.ico (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\LizardlinkOPC.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\Lizardlinkozr.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\LizardlinkUninstall.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\Microsoft.Win32.TaskScheduler.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\sqlite3.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\bin\sqlite3.dll (PUP.Optional.Lizardlink.A) -> Delete on reboot.
C:\Program Files (x86)\Lizardlink\bin\utilLizardlink.InstallState (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\bin\plugins\Lizardlink.FFUpdate.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\bin\plugins\Lizardlink.GCUpdate.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\bin\plugins\Lizardlink.IEUpdate.dll (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Lizardlink\update\jhgrcbtl.vip.exe (PUP.Optional.Lizardlink.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\7I.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\7I.tlb (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\HJH.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\HJH.tlb (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\I7Z.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\LerP.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\data\SearchNewTab.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\CT3279412.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\CT3279412.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\initData.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Jeff\AppData\Local\Temp\ct3279412\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16766
Run by Jeff at 22:24:40 on 2013-10-28
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3835.2350 [GMT -7:00]
.
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atibtmon.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
C:\Users\Jeff\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Jeff\AppData\Roaming\Verizon\UA_ar\UA.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://companyweb
mStart Page = hxxp://websearch.oversearch.info/?pid=1142&r=2013/09/22&hid=2633555111547171315&lg=EN&cc=US&unqvl=36
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [HLBackupScheduler] C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
uRun: [SanDiskSecureAccess_Manager.exe] C:\Users\Jeff\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN35JBXHH805KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Tv-Plug-In] "C:\Program Files (x86)\Tv-Plug-In\Tv-Plug-In.exe" nogui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\Jeff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Jeff\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERIZO~1.LNK - C:\Users\Jeff\AppData\Roaming\Verizon\UA_ar\UA.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NKBMON~1.LNK - C:\Program Files (x86)\Nikon\PictureProject\NkbMonitor.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoWelcomeScreen = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} - hxxp://rv2900/connectcomputer/nshelp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\14C6C676C61637370274C6F62616C6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\256502143737F6369616475637 : DHCPNameServer = 10.1.0.100
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\353484D29453335303331444 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\4456E6E6973775966496 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\75843494D27457563747D276E6 : DHCPNameServer = 172.16.1.1
TCP: Interfaces\{01C5F700-76A2-4970-9915-EAEAC43B6A6F}\B496E63616964656D27657563747 : DHCPNameServer = 192.168.3.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\s2vyjo4m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.oversearch.info/?pid=1142&r=2013/09/22&hid=2633555111547171315&lg=EN&cc=US&unqvl=36&l=1&q=
FF - prefs.js: browser.search.selectedEngine - WebSearch
FF - prefs.js: browser.startup.homepage - hxxp://websearch.oversearch.info/?pid=1142&r=2013/09/22&hid=2633555111547171315&lg=EN&cc=US&unqvl=36
FF - prefs.js: keyword.URL - hxxp://websearch.oversearch.info/?pid=1142&r=2013/09/22&hid=2633555111547171315&lg=EN&cc=US&unqvl=36&l=1&q=
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jeff\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Jeff\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - ExtSQL: !HIDDEN! 2010-01-17 05:54; xfpnxmwgmc@xfpnxmwgmc.org; C:\Users\Jeff\Application Data\Mozilla\Firefox\Profiles\s2vyjo4m.default\extensions\xfpnxmwgmc@xfpnxmwgmc.org.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-26 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-9-26 205320]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-10-21 28184]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2013-10-21 447888]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-26 1032416]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-9-26 409832]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-3-11 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-3-11 202752]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-9-26 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-26 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-21 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-10-21 179088]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-8-2 32880]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-3-11 245792]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-11 347680]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-3-11 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-28 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-28 701512]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-6-4 103448]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-28 25928]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-2 227232]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
S3 NisSrv;NisSrv;"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" --> c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [?]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssmirrdr;ssmirrdr;C:\Windows\System32\drivers\ssmirrdr.sys [2011-3-14 10112]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-6-4 203672]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-12 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-10-29 04:54:23 -------- d-----w- C:\Users\Jeff\AppData\Local\{94B570CF-0AEA-4EEE-A58A-4A9708C4D85E}
2013-10-29 04:21:51 -------- d-----w- C:\Users\Jeff\AppData\Roaming\Malwarebytes
2013-10-29 04:21:32 -------- d-----w- C:\ProgramData\Malwarebytes
2013-10-29 04:21:31 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-29 04:21:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-29 04:19:36 -------- d-----w- C:\Users\Jeff\AppData\Local\Programs
2013-10-21 15:31:01 -------- d-----w- C:\Users\Jeff\AppData\Roaming\AVAST Software
2013-10-21 14:24:00 270824 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2013-10-21 14:23:59 131232 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2013-10-21 14:23:57 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-10-21 14:23:52 447888 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2013-10-21 13:56:28 -------- d-----w- C:\Users\Jeff\AppData\Local\{391E0C8C-388A-48F5-9ED2-3318B17CD0AD}
2013-10-15 16:05:00 -------- d-----w- C:\Users\Jeff\AppData\Local\{80663235-57E7-4CF4-A9D2-14DF7378321F}
2013-10-02 23:37:35 -------- d-----w- C:\Users\Jeff\AppData\Local\{4613605E-A9C9-4E2E-9F08-CFF032DF2A1A}
.
==================== Find3M ====================
.
2013-10-21 14:37:40 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-10-21 14:37:40 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-10-21 14:37:40 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-10-21 14:37:40 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-10-21 14:37:39 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-10-21 14:37:37 43152 ----a-w- C:\Windows\avastSS.scr
2013-10-09 16:03:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 16:03:44 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 22:26:15.66 ===============