malwarebytes log

scotty1971
Posts: 1,732 Forumite


in Techie Stuff
just done a quick scan and this is the 29 objects it came up with, can someone have a look at the log and tell me if i have to delete them all.
cheers
scott
Malwarebytes Anti-Malware 1.75.0.1300
https://www.malwarebytes.org
Database version: v2013.09.21.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
olivia :: OLIVIA-PC [administrator]
21/09/2013 20:38:52
MBAM-log-2013-09-21 (20-45-59).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 198359
Time elapsed: 5 minute(s), 42 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 10
HKCR\CLSID\{b9507101-e464-4b3b-a4cb-291aaedd94f2} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\TypeLib\{006232f7-dbd6-4631-84e8-66ea161b43c4} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\Interface\{BB9817CA-9B43-41EB-8706-44847957338D} (PUP.Optional.BrowseFox.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> No action taken.
HKCU\Software\Datamngr (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Users\olivia\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.
Files Detected: 18
C:\Program Files (x86)\BrowseFox\BrowseFoxBHO.dll (PUP.Optional.BrowseFox.A) -> No action taken.
C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\Vt1ZQtUk.exe.part (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\Downloads\rcpsetup_softonic_new_sd_new_enprem.exe (PUP.Optional.RegCleanerPro) -> No action taken.
C:\Users\olivia\Downloads\VipBoxSportsAppsInstall(18_3f)_ff(1).exe (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\olivia\Downloads\VipBoxSportsAppsInstall(18_3f)_ff.exe (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\olivia\AppData\Local\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\olivia\Local Settings\Temporary Internet Files\Content.IE5\T2A77AZA\stubinst_pkg_en-uk[1].cab (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\olivia\Local Settings\Temporary Internet Files\Content.IE5\ZGI6YCTZ\Setup[1].exe (PUP.Optional.BrowseFox.A) -> No action taken.
C:\Users\olivia\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> No action taken.
(end)
Comments
-
Why have you taken no action?
-
most of those are temp files.
I would always recommend combofix from bleeping computer. I use it at work for my tech job
-
Bleeping computer? Can you explain please
-
NiftyDigits wrote: »
Why have you taken no action?
4.8kWp 12x400W Longhi 9.6 kWh battery Giv-hy 5.0 Inverter, WSW facing Essex . Aint no sunshine ☀️ Octopus gas fixed dec 24 @ 5.74 tracker again+ Octopus Intelligent Flux leccy
-
deleted everything now thanks
-
this is what adw cleaner came up with, do i just delete everything??
AdwCleaner v3.004 - Report created 21/09/2013 at 22:03:08
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : olivia - OLIVIA-PC
# Running from : C:\Users\olivia\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Found : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\\invalidprefs.js
File Found : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\searchplugins\Search_Results.xml
File Found : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\user.js
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found : C:\Users\olivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Found : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Vuze_Remote
Folder Found C:\Program Files (x86)\Vuze_Remote
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\DSearchLink
Folder Found C:\ProgramData\Partner
Folder Found C:\Users\olivia\AppData\Local\Conduit
Folder Found C:\Users\olivia\AppData\LocalLow\boost_interprocess
Folder Found C:\Users\olivia\AppData\LocalLow\Conduit
Folder Found C:\Users\olivia\AppData\LocalLow\PriceGong
Folder Found C:\Users\olivia\AppData\LocalLow\Vuze_Remote
Folder Found C:\Users\olivia\AppData\LocalLow\Vuze_Remote
Folder Found C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\ConduitCommon
Folder Found C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\CT2504091
Folder Found C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\jetpack
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\BabSolution
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Delta
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52A38A61-93C4-4E21-9DF9-4DF7D5D0CCD2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6AEABAC-5790-4C16-A97B-71FD2DCEC4A1}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-earth_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-earth_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Found : HKLM\Software\Vuze_Remote
Key Found : [x64] HKLM\SOFTWARE\DataMngr
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Mozilla Firefox v23.0.1 (en-US)
[ File : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\prefs.js ]
Line Found : user_pref("CT2504091..clientLogIsEnabled", false);
Line Found : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Found : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_129990558296257215", true);
Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_1359634298000", true);
Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_1366636701000", true);
Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_1367226520000", true);
Line Found : user_pref("CT2504091.CT2504091.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Found : user_pref("CT2504091.CTID", "CT2504091");
Line Found : user_pref("CT2504091.ConfigurationLastCheckTime", "Sat Sep 21 2013 16:33:53 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.CurrentServerDate", "21-9-2013");
Line Found : user_pref("CT2504091.DSInstall", false);
Line Found : user_pref("CT2504091.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2504091.DialogsGetterLastCheckTime", "Sun Sep 15 2013 09:35:41 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.DownloadReferralCookieData", "");
Line Found : user_pref("CT2504091.EMailNotifierPollDate", "Fri Dec 30 2011 23:15:13 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.FeedLastCount129079840422964131", 0);
Line Found : user_pref("CT2504091.FeedPollDate128891351169457140", "Fri Dec 30 2011 23:09:45 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.FeedPollDate129079840422964131", "Fri Dec 30 2011 23:09:45 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Line Found : user_pref("CT2504091.FirstServerDate", "31-12-2011");
Line Found : user_pref("CT2504091.FirstTime", true);
Line Found : user_pref("CT2504091.FirstTimeFF3", true);
Line Found : user_pref("CT2504091.FixPageNotFoundErrors", true);
Line Found : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2504091.HPInstall", false);
Line Found : user_pref("CT2504091.HasUserGlobalKeys", true);
Line Found : user_pref("CT2504091.HomePageProtectorEnabled", false);
Line Found : user_pref("CT2504091.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Line Found : user_pref("CT2504091.Initialize", true);
Line Found : user_pref("CT2504091.InitializeCommonPrefs", true);
Line Found : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT2504091.InstallationId", "ConduitNSISIntegration");
Line Found : user_pref("CT2504091.InstallationType", "ConduitXPEIntegration");
Line Found : user_pref("CT2504091.InstalledDate", "Fri Dec 30 2011 23:09:45 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.IsAlertDBUpdated", true);
Line Found : user_pref("CT2504091.IsGrouping", false);
Line Found : user_pref("CT2504091.IsInitSetupIni", true);
Line Found : user_pref("CT2504091.IsMulticommunity", false);
Line Found : user_pref("CT2504091.IsOpenThankYouPage", false);
Line Found : user_pref("CT2504091.IsOpenUninstallPage", false);
Line Found : user_pref("CT2504091.LanguagePackLastCheckTime", "Sat Sep 21 2013 21:23:50 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2504091.LastLogin_3.12.2.3", "Mon Jun 04 2012 16:09:53 GMT+0100 (GMT Daylight Time)");
Line Found : user_pref("CT2504091.LastLogin_3.13.0.6", "Tue Jul 17 2012 06:45:27 GMT+0100 (GMT Daylight Time)");
Line Found : user_pref("CT2504091.LastLogin_3.14.1.0", "Tue Aug 21 2012 17:58:45 GMT+0100 (GMT Daylight Time)");
Line Found : user_pref("CT2504091.LastLogin_3.15.1.0", "Thu Nov 15 2012 20:00:33 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.LastLogin_3.16.0.100", "Sat Feb 16 2013 16:30:41 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.LastLogin_3.16.0.3", "Fri Jan 04 2013 19:52:51 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.LastLogin_3.18.0.7", "Sun Jul 14 2013 15:59:16 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.LastLogin_3.19.0.3", "Sun Sep 08 2013 09:23:05 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.LastLogin_3.20.0.4", "Sat Sep 21 2013 21:15:26 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.LastLogin_3.8.1.0", "Fri Dec 30 2011 23:09:46 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.LatestVersion", "3.20.0.4");
Line Found : user_pref("CT2504091.Locale", "en-us");
Line Found : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2504091.MCDetectTooltipShow", false);
Line Found : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
Line Found : user_pref("CT2504091.OriginalFirstVersion", "3.8.1.0");
Line Found : user_pref("CT2504091.SearchAPILastCheckTime", "Sat Sep 21 2013 16:33:53 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.SearchCaption", "Web Search");
Line Found : user_pref("CT2504091.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=");
Line Found : user_pref("CT2504091.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sun Sep 08 2013 03:00:37 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Found : user_pref("CT2504091.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
Line Found : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2504091.SearchProtectorEnabled", false);
Line Found : user_pref("CT2504091.SearchProtectorToolbarDisabled", false);
Line Found : user_pref("CT2504091.SendProtectorDataViaLogin", true);
Line Found : user_pref("CT2504091.ServiceMapLastCheckTime", "Sat Sep 21 2013 16:33:53 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.SettingsLastCheckTime", "Sat Sep 21 2013 22:00:41 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CT2504091.SettingsLastUpdate", "1379751142");
Line Found : user_pref("CT2504091.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13");
Line Found : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Fri Dec 30 2011 23:09:44 GMT+0000 (GMT Standard Time)");
Line Found : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");
Line Found : user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
Line Found : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091");
Line Found : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Found : user_pref("CT2504091.UserID", "UN71180387453174649");
Line Found : user_pref("CT2504091.ValidationData_Toolbar", 2);
Line Found : user_pref("CT2504091.alertChannelId", "897164");
Line Found : user_pref("CT2504091.approveUntrustedApps", false);
Line Found : user_pref("CT2504091.autoDisableScopes", -1);
Line Found : user_pref("CT2504091.countryCode", "GB");
Line Found : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Found : user_pref("CT2504091.homepageProtectorEnableByLogin", true);
Line Found : user_pref("CT2504091.initDone", true);
Line Found : user_pref("CT2504091.myStuffEnabled", true);
Line Found : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2504091.revertSettingsEnabled", true);
Line Found : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
Line Found : user_pref("CT2504091.searchProtectorEnableByLogin", true);
Line Found : user_pref("CT2504091.testingCtid", "");
Line Found : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Sat Sep 21 2013 16:33:53 GMT+0100 (GMT Standard Time)");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2504091/CT2504091", "\"6c01100c80ffc769b4148f07ca1ee53e3\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", "\"1367226812\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"fc14279192a093fcc176db756792a37c\"");
Line Found : user_pref("CommunityToolbar.globalUserId", "7f2fbfc4-0caa-4cb5-a835-4a21363a07f8");
-\\ Google Chrome v
[ File : C:\Users\olivia\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [23668 octets] - [21/09/2013 22:03:08]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [23729 octets] ##########
I would say yes, and then run DDS from here http://download.bleepingcomputer.com/sUBs/dds.com and post the log, but if in doubt wait a bit for an expert for a more in-depth view.
NTFS_AMD64
Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.25.2
Run by olivia at 23:57:02 on 2013-09-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4009.2099 [GMT 1:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
Running Processes
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Fujitsu\PSUtility\PSUService.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
Pseudo HJT Report
.
uStart Page = hxxp://www.mozilla.co.uk/
uDefault_Page_URL = hxxp://ts.fujitsu.com
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartupFolder: C:\Users\olivia\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{B958FAE9-6468-42A6-85AD-14BDAF37849A} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B958FAE9-6468-42A6-85AD-14BDAF37849A}\3416D6075737E45647F5C4962633 : DHCPNameServer = 139.153.30.1 139.153.30.2
TCP: Interfaces\{B958FAE9-6468-42A6-85AD-14BDAF37849A}\3416D6075737E45647F5C4962643 : DHCPNameServer = 139.153.30.1 139.153.30.2
TCP: Interfaces\{B958FAE9-6468-42A6-85AD-14BDAF37849A}\6596379647F627E45647 : DHCPNameServer = 139.153.30.1 139.153.30.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
x64-Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
x64-Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
x64-Run: [PfNet] "C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe" /r
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
x64-Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
x64-Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
FIREFOX
.
FF - ProfilePath - C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\System32\drivers\FBIOSDRV.sys [2010-11-15 21104]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-1-14 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [?]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-3 983104]
R2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-7 331776]
R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2011-5-7 63336]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-24 2656280]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-11-4 58128]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-15 327168]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\System32\drivers\fuj02e3.sys [2010-10-12 7296]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-5-2 317440]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-3-24 25496]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-1-14 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-1-14 29528]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-5-7 245792]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-1-17 412776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-3-24 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-31 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128]
S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
2013-09-21 21:03:02 -------- d-----w- C:\AdwCleaner
2013-09-21 15:33:14 -------- d-----w- C:\Program Files (x86)\FreeHDSport.TV
2013-09-21 15:33:08 -------- d-----w- C:\Program Files (x86)\VipBoxSportsApp.com
2013-09-21 13:20:41 -------- d-----w- C:\Users\olivia\AppData\Local\cache
2013-09-21 13:12:03 -------- d-----w- C:\ProgramData\VTech
2013-09-21 13:12:03 -------- d-----w- C:\Program Files (x86)\VTech
2013-09-18 18:15:29 -------- d-----w- C:\Users\olivia\AppData\Local\{7F7931EF-F99E-4AB7-8D26-16E40BAE2E05}
2013-09-12 22:34:16 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-09-11 07:14:34 -------- d-----w- C:\Users\olivia\AppData\Roaming\RealNetworks
2013-09-11 07:13:59 -------- d-----w- C:\Program Files (x86)\RealNetworks
2013-09-11 07:13:58 -------- d-----w- C:\ProgramData\RealNetworks
2013-09-11 07:09:27 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2013-08-24 07:42:20 -------- d-----w- C:\Users\olivia\AppData\Local\{AFA6341C-5AB6-4334-9E89-347B0C0E3507}
.
==================== Find3M ====================
.
2013-09-11 10:04:01 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-11 10:04:01 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-11 07:09:03 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-09-11 07:09:03 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-07 22:54:02 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-25 19:44:43 54368 ----a-w- C:\Windows\System32\drivers\kltdi.sys
2013-06-25 19:44:43 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys
2013-06-25 19:44:42 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys
DDS log is fine now.
The mbam log clearly showed all PUP.Optional.family.variant. They are just bundled PUPs. No need to deploy a powerful tool such as combofix on this occasion. See here: http://blog.malwarebytes.org/news/2013/07/malwarebytes-adopts-aggressive-pup-policy/
No doubt bundled when you installed these:
2013-09-21 15:33:14 -------- d-----w- C:\Program Files (x86)\FreeHDSport.TV
2013-09-21 15:33:08 -------- d-----w- C:\Program Files (x86)\VipBoxSportsApp.com
https://www.virustotal.com/en/file/2e72a05f1c9e9ba16081effd7677c18478544d001d342febae0486fb61c5be1a/analysis/1379838612/
https://www.virustotal.com/en/file/479f2cd0bf15f76ef3e57ff0a1c06b6aeb33bff0d6f8bda666d95b4df7e1fa7b/analysis/1379838689/
Uninstall them.
That's exactly when they were installed, thanks.