Here are the logs
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.02.10.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
ian :: IAN-HP [administrator]
10/02/2014 23:39:27
mbam-log-2014-02-10 (23-39-27).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 288093
Time elapsed: 25 minute(s), 5 second(s)
Memory Processes Detected: 6
C:\Users\ian\AppData\Roaming\Baxypub\qiinect.exe (Trojan.Zbot.FBD) -> 8656 -> Delete on reboot.
C:\Users\ian\AppData\Roaming\Baxypub\qiinect.exe (Trojan.Zbot.FBD) -> 7272 -> Delete on reboot.
C:\Users\ian\AppData\Roaming\Baxypub\qiinect.exe (Trojan.Zbot.FBD) -> 4628 -> Delete on reboot.
C:\Users\ian\AppData\Roaming\Baxypub\qiinect.exe (Trojan.Zbot.FBD) -> 9460 -> Delete on reboot.
C:\Users\ian\AppData\Roaming\Baxypub\qiinect.exe (Trojan.Zbot.FBD) -> 6596 -> Delete on reboot.
C:\Users\ian\AppData\Roaming\Baxypub\qiinect.exe (Trojan.Zbot.FBD) -> 8492 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 6
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\Software\InstalledBrowserExtensions\installdaddy (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload (PUP.Optional.1ClickMovieDownloader.A) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Tiesn (Trojan.Zbot.FBD) -> Data: C:\Users\ian\AppData\Roaming\Baxypub\qiinect.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> Quarantined and repaired successfully.
Folders Detected: 21
C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\CT3319613 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\1clickmoviedownloader.com (PUP.Optional.1ClickMovieDownloader.A) -> Quarantined and deleted successfully.
Files Detected: 139
C:\Users\ian\AppData\Roaming\Baxypub\qiinect.exe (Trojan.Zbot.FBD) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\ian\Desktop\Windows_Vista_Ultimate_Key_100%_working_(by_Abhishek_Rana).exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\ian\Desktop\ZipExtractorSetup.exe (PUP.Optional.JumpyApps.A) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe (PUP.Optional.JumpyApps.A) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\nsb51BD.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\nsw7767.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_05ee7c49.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_07a81421.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_0d4080c6.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_128620c5.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_147b6803.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_2727d376.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_2746b2a3.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_2a28d4f1.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_58d70c36.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_6f7a9357.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_9c5e1ef2.exe (Trojan.Zbot.FBD) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_a34b78a0.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_a34c81cb.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_aa4f667d.exe (Trojan.Zbot.FBD) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_d6a9ecbb.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\UpdateFlashPlayer_dcb0ce97.exe (Trojan.Zbot.FBD) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\Temp\nsr28AB\SpSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\dkoxequh.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\lcrqiwxj.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\lntdoxpp.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\mpujwrnx.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\rjikpkbi.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\slaoojwc.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\wkcvgfkt.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\wlspgvrn.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\xerpumow.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\xrepfxln.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\dkoxequh.exe (Spyware.Zbot.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\lcrqiwxj.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\lntdoxpp.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\mpujwrnx.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\rjikpkbi.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\slaoojwc.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\wkcvgfkt.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\wlspgvrn.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\xerpumow.exe (Trojan.Inject.ED) -> Quarantined and deleted successfully.
C:\Users\ian\AppData\Local\xrepfxln.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\Temporary Internet Files\Content.IE5\6AD9QS5J\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\Temporary Internet Files\Content.IE5\GPMQEJCI\InstallConverter_TSV2426PT.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\Temporary Internet Files\Content.IE5\NA8QUT67\Player_Setup[1].exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\Temporary Internet Files\Content.IE5\RLJ1GQ43\spstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\ian\Local Settings\Temporary Internet Files\Content.IE5\SM5X5B4O\Player_Setup[1].exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Torntv 2-codedownloader.job (PUP.Optional.TornTV.A) -> Delete on reboot.
C:\Windows\Tasks\Torntv 2-enabler.job (PUP.Optional.TornTV.A) -> Delete on reboot.
C:\Windows\Tasks\Torntv 2-updater.job (PUP.Optional.TornTV.A) -> Delete on reboot.
C:\Windows\Tasks\Security Center Update - 1224523755.job (Trojan.Agent.RvGen) -> Delete on reboot.
C:\Windows\Tasks\Security Center Update - 1758381885.job (Trojan.Agent.RvGen) -> Delete on reboot.
C:\Windows\Tasks\Security Center Update - 2323830538.job (Trojan.Agent.RvGen) -> Delete on reboot.
C:\Windows\Tasks\Security Center Update - 2655840328.job (Trojan.Agent.RvGen) -> Delete on reboot.
C:\Windows\Tasks\Security Center Update - 331575522.job (Trojan.Agent.RvGen) -> Delete on reboot.
C:\Windows\Tasks\Security Center Update - 761532076.job (Trojan.Agent.RvGen) -> Delete on reboot.
C:\Windows\Tasks\Security Center Update - 812332827.job (Trojan.Agent.RvGen) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\1ClickMovieDownloader v7-chromeinstaller-dev.job (PUP.Optional.1ClickMovieDownloader.A) -> Delete on reboot.
C:\Windows\Tasks\1ClickMovieDownloader v7-codedownloader.job (PUP.Optional.1ClickMovieDownloader.A) -> Delete on reboot.
C:\Windows\Tasks\1ClickMovieDownloader v7-enabler.job (PUP.Optional.1ClickMovieDownloader.A) -> Delete on reboot.
C:\Windows\Tasks\1ClickMovieDownloader v7-firefoxinstaller.job (PUP.Optional.1ClickMovieDownloader.A) -> Delete on reboot.
C:\Windows\Tasks\1ClickMovieDownloader v7-updater.job (PUP.Optional.1ClickMovieDownloader.A) -> Delete on reboot.
C:\Users\ian\AppData\Local\Temp\CT3319613\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\1clickmoviedownloader.com\MODOextsetup.exe (PUP.Optional.1ClickMovieDownloader.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\1clickmoviedownloader.com\MovieDownloader.exe (PUP.Optional.1ClickMovieDownloader.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\1clickmoviedownloader.com\uninst.exe (PUP.Optional.1ClickMovieDownloader.A) -> Quarantined and deleted successfully.
(end)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2
Run by ian at 0:12:43 on 2014-02-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6100.3964 [GMT 0:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\taskeng.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\windows\SysWOW64\ezSharedSvcHost.exe
c:\Program Files\MiricsFlexiTV\Driver\msi2500scan.exe
c:\Program Files\MiricsFlexiTV\DVBT\DVBService.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\WUDFHost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\MiricsFlexiTV\Driver\MSiBdaDemodWrapper.exe
C:\windows\system32\taskhost.exe
C:\Program Files\IDT\WDM\beats64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\RunDll32.exe
C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
C:\Program Files (x86)\Hewlett-Packard\HP My Display\OSDManager.exe
svchost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\windows\SysWOW64\RunDll32.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\system32\sppsvc.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe,
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
uRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
uRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
uRun: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
uRun: [xbcbbdhb] "C:\Users\ian\AppData\Local\cffoxkmm.exe"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
mRun: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPO
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Magic Desktop for HP notification] "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
StartupFolder: C:\Users\ian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\Users\ian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} - hxxp://192.168.0.25/RemoteWeb.cab
DPF: {542CB1D4-810D-4864-8F91-D530B50E89AE} - hxxp://192.168.0.25/Components.cab
DPF: {5FFDFC21-AE40-4C7C-955C-415A1ACE01C8} - hxxp://192.168.0.25/VideoViewer.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{5D6C7040-453D-47F0-85FF-B83056551CBB} : DHCPNameServer = 194.168.4.100 194.168.8.100
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
x64-mStart Page = about:blank
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [HPSYSDRV] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\windows\System32\drivers\avc3.sys [2013-8-31 893440]
R0 gzflt;gzflt;C:\windows\System32\drivers\gzflt.sys [2013-8-31 150256]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2013-8-31 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2013-8-31 103504]
R1 BDVEDISK;BDVEDISK;C:\windows\System32\drivers\bdvedisk.sys [2013-8-31 76944]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-8-31 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-4-6 236544]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 ezSharedSvc;Easybits Services for Windows;C:\windows\System32\ezSharedSvcHost.exe --> C:\windows\System32\ezSharedSvcHost.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-8-31 2439272]
R2 msi2500scan;msi2500scan;C:\Program Files\MiricsFlexiTV\Driver\msi2500scan.exe [2011-12-16 229376]
R2 MSiDVBT;MSiDVBT;C:\Program Files\MiricsFlexiTV\DVBT\DVBservice.exe [2011-12-16 2715648]
R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-11-1 67584]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2013-8-31 1134584]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2013-8-31 109360]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2013-8-31 94624]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2013-10-16 67320]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]
R3 avchv;avchv Function Driver;C:\windows\System32\drivers\avchv.sys [2013-8-31 261056]
R3 avckf;avckf;C:\windows\System32\drivers\avckf.sys [2013-8-31 635392]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\windows\System32\drivers\bcbtums.sys [2012-4-1 163368]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\windows\System32\drivers\btwampfl.sys [2013-8-31 594472]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2013-8-31 39976]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 MSi2500BDA;AVerMsiBDA service;C:\windows\System32\drivers\AVerMsiBDA.sys [2011-12-16 228352]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\windows\System32\drivers\RtsPStor.sys [2012-3-3 343144]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-2-16 676968]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 tihub3;TI USB3 Hub Service;C:\windows\System32\drivers\tihub3.sys [2011-9-9 136000]
R3 tixhci;TI XHCI Service;C:\windows\System32\drivers\tixhci.sys [2011-9-26 409408]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2013/08/30 22:36:19;C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [2012-2-8 244720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2013-8-31 121928]
S3 BDSandBox;BDSandBox;C:\windows\System32\drivers\bdsandbox.sys [2013-8-31 82824]
S3 BR_MCU;br_mcu2usb.sys USB Driver;C:\windows\System32\drivers\br_mcu2usb.sys [2009-12-8 23552]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-1-1 111616]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-9-1 1255736]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2013-8-31 77632]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-02-10 23:34:13 -------- d-----w- C:\Users\ian\AppData\Local\SearchProtect
2014-02-10 22:58:20 -------- d-----w- C:\Users\ian\AppData\Roaming\Iqicymlo
2014-02-10 22:44:39 -------- d-----w- C:\Users\ian\AppData\Roaming\Baxypub
2014-02-10 21:13:39 -------- d-----w- C:\Users\ian\AppData\Roaming\Wyzapei
2014-02-10 16:06:11 143360 ----a-w- C:\Users\ian\AppData\Local\cffoxkmm.exe
2014-02-10 14:51:06 -------- d-----w- C:\Users\ian\AppData\Roaming\Yvagcify
2014-02-10 14:47:33 126265 ----a-w- C:\Users\ian\AppData\Local\omvaaqtq.exe
2014-02-10 10:43:20 -------- d-----w- C:\Users\ian\AppData\Roaming\Wetaup
2014-02-10 10:38:14 126265 ----a-w- C:\Users\ian\AppData\Local\iltjspig.exe
2014-02-10 06:43:28 126265 ----a-w- C:\Users\ian\AppData\Local\doavscfh.exe
2014-02-10 02:35:24 126265 ----a-w- C:\Users\ian\AppData\Local\bdgcidkd.exe
2014-02-09 22:40:27 126265 ----a-w- C:\Users\ian\AppData\Local\cbdmebgj.exe
2014-02-09 06:39:12 -------- d-----w- C:\Users\ian\AppData\Roaming\Afybir
2014-02-09 02:44:06 -------- d-----w- C:\Users\ian\AppData\Roaming\Abidva
2014-02-09 01:12:31 -------- d-----w- C:\Users\ian\AppData\Roaming\Aksawa
2014-02-08 23:37:25 90112 ----a-w- C:\Users\ian\AppData\Local\gtadbiof.exe
2014-02-08 23:24:24 90112 ----a-w- C:\Users\ian\AppData\Local\hsswacxt.exe
2014-02-08 23:11:23 90112 ----a-w- C:\Users\ian\AppData\Local\hcfjownm.exe
2014-02-08 22:58:22 90112 ----a-w- C:\Users\ian\AppData\Local\flchicob.exe
2014-02-08 22:45:07 90112 ----a-w- C:\Users\ian\AppData\Local\nkbppbcb.exe
2014-02-08 21:52:41 90112 ----a-w- C:\Users\ian\AppData\Local\xhsucbxm.exe
2014-02-08 21:39:40 90112 ----a-w- C:\Users\ian\AppData\Local\xobgcvmx.exe
2014-02-08 21:26:39 90112 ----a-w- C:\Users\ian\AppData\Local\upeqgtan.exe
2014-02-08 21:13:27 90112 ----a-w- C:\Users\ian\AppData\Local\eafcpgkr.exe
2014-02-08 19:42:17 90112 ----a-w- C:\Users\ian\AppData\Local\fqehtdip.exe
2014-02-08 19:29:17 90112 ----a-w- C:\Users\ian\AppData\Local\lemotnld.exe
2014-02-08 19:16:16 90112 ----a-w- C:\Users\ian\AppData\Local\pudlxtxg.exe
2014-02-08 19:03:15 90112 ----a-w- C:\Users\ian\AppData\Local\dnmfqofh.exe
2014-02-08 18:50:14 90112 ----a-w- C:\Users\ian\AppData\Local\jgoptgtf.exe
2014-02-08 18:37:13 90112 ----a-w- C:\Users\ian\AppData\Local\mnfkcvrx.exe
2014-02-08 14:46:13 -------- d-----w- C:\Users\ian\AppData\Roaming\Obykbiwa
2014-02-07 22:50:42 -------- d-----w- C:\Users\ian\AppData\Roaming\Ydveos
2014-02-07 18:41:44 -------- d-----w- C:\Users\ian\AppData\Roaming\Ocugorg
2014-02-07 07:45:02 -------- d-----w- C:\Users\ian\AppData\Roaming\Reweyfv
2014-02-07 03:40:03 -------- d-----w- C:\Users\ian\AppData\Roaming\Qoviekba
2014-02-06 23:01:46 -------- d-----w- C:\Users\ian\AppData\Roaming\Idydufmi
2014-01-14 22:49:31 255552 ----a-w- C:\windows\SysWow64\drivers\mcdbus.sys
2014-01-14 22:49:31 255552 ------w- C:\windows\System32\drivers\mcdbus.sys
2014-01-14 22:49:31 -------- d-----w- C:\Program Files (x86)\MagicDisc
2014-01-14 22:24:16 -------- d-----w- C:\Users\ian\AppData\Local\Cool_Mirage
.
==================== Find3M ====================
.
2014-01-27 14:08:06 893440 ------w- C:\windows\System32\drivers\avc3.sys
2014-01-27 14:08:03 635392 ----a-w- C:\windows\System32\drivers\avckf.sys
2013-12-18 21:09:39 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ------w- C:\windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ------w- C:\windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\windows\System32\WMPhoto.dll
2013-11-13 12:05:20 82824 ----a-w- C:\windows\System32\drivers\bdsandbox.sys
2013-11-13 12:05:19 34384 ----a-w- C:\windows\System32\bdsandboxuh.dll
2013-11-13 12:05:17 84848 ----a-w- C:\windows\System32\bdsandboxuiskin.dll
2013-11-13 12:05:16 74512 ----a-w- C:\windows\SysWow64\bdsandboxuiskin32.dll
2013-11-13 12:05:16 74512 ----a-w- C:\windows\System32\bdsandboxuiskin32.dll
.
============= FINISH: 0:13:38.83 ===============