We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

The MSE Forum Team would like to wish you all a Merry Christmas. However, we know this time of year can be difficult for some. If you're struggling during the festive period, here's a list of organisations that might be able to help
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Has MSE helped you to save or reclaim money this year? Share your 2025 MoneySaving success stories!

malwarebytes log

scotty1971
scotty1971 Posts: 1,732 Forumite
Part of the Furniture 1,000 Posts Combo Breaker
in Techie Stuff
just done a quick scan and this is the 29 objects it came up with,can someone have a look at the log ant tell if i have tod elete them all.

cheers

scott

Malwarebytes Anti-Malware 1.75.0.1300
https://www.malwarebytes.org

Database version: v2013.09.21.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
olivia :: OLIVIA-PC [administrator]

21/09/2013 20:38:52
MBAM-log-2013-09-21 (20-45-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 198359
Time elapsed: 5 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 10
HKCR\CLSID\{b9507101-e464-4b3b-a4cb-291aaedd94f2} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\TypeLib\{006232f7-dbd6-4631-84e8-66ea161b43c4} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\Interface\{BB9817CA-9B43-41EB-8706-44847957338D} (PUP.Optional.BrowseFox.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> No action taken.
HKCU\Software\Datamngr (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\olivia\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.

Files Detected: 18
C:\Program Files (x86)\BrowseFox\BrowseFoxBHO.dll (PUP.Optional.BrowseFox.A) -> No action taken.
C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\Vt1ZQtUk.exe.part (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> No action taken.
C:\Users\olivia\AppData\Local\Temp\11E163B5-BAB0-7891-A996-0A09034BE38A\Latest\Setup.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\Downloads\rcpsetup_softonic_new_sd_new_enprem.exe (PUP.Optional.RegCleanerPro) -> No action taken.
C:\Users\olivia\Downloads\VipBoxSportsAppsInstall(18_3f)_ff(1).exe (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\olivia\Downloads\VipBoxSportsAppsInstall(18_3f)_ff.exe (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\olivia\AppData\Local\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\olivia\Local Settings\Temporary Internet Files\Content.IE5\T2A77AZA\stubinst_pkg_en-uk[1].cab (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\olivia\Local Settings\Temporary Internet Files\Content.IE5\ZGI6YCTZ\Setup[1].exe (PUP.Optional.BrowseFox.A) -> No action taken.
C:\Users\olivia\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\olivia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> No action taken.

(end)

Comments

  • NiftyDigits
    NiftyDigits Posts: 10,459 Forumite
    Why have you taken no action?
  • Monkeysees
    Monkeysees Posts: 12 Forumite
    most of those are temp files.

    I would always recommend combofix from bleeping computer. I use at work for my tech job
  • [Deleted User]
    [Deleted User] Posts: 0 Newbie
    Tenth Anniversary Combo Breaker
    Bleeping computer? can you explain please
  • debitcardmayhem
    debitcardmayhem Posts: 13,282 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    NiftyDigits wrote: »
    Why have you taken no action?
    Indeed why have you not deleted them , also having re-run Malwarebytes and select delete , then probably down and run adwarecleaner http://www.bleepingcomputer.com/download/adwcleaner/dl/125/ to get rid of anything else. And ignore combofix unless asked by someone like waddler8
    4.8kWp 12x400W Longhi 9.6 kWh battery Giv-hy 5.0 Inverter, WSW facing Essex . Aint no sunshine ☀️ Octopus gas fixed dec 24 @ 5.74 tracker again+ Octopus Intelligent Flux leccy
  • scotty1971
    scotty1971 Posts: 1,732 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    deleted everything now thanks
  • scotty1971
    scotty1971 Posts: 1,732 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    this what adw cleaner came up with,do i just delete everything??

    AdwCleaner v3.004 - Report created 21/09/2013 at 22:03:08
    # Updated 15/09/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : olivia - OLIVIA-PC
    # Running from : C:\Users\olivia\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
    File Found : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\\invalidprefs.js
    File Found : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\searchplugins\Search_Results.xml
    File Found : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\user.js
    File Found : C:\Users\Public\Desktop\eBay.lnk
    Folder Found : C:\Users\olivia\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Folder Found : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\Program Files (x86)\Vuze_Remote
    Folder Found C:\Program Files (x86)\Vuze_Remote
    Folder Found C:\ProgramData\Babylon
    Folder Found C:\ProgramData\DSearchLink
    Folder Found C:\ProgramData\Partner
    Folder Found C:\Users\olivia\AppData\Local\Conduit
    Folder Found C:\Users\olivia\AppData\LocalLow\boost_interprocess
    Folder Found C:\Users\olivia\AppData\LocalLow\Conduit
    Folder Found C:\Users\olivia\AppData\LocalLow\PriceGong
    Folder Found C:\Users\olivia\AppData\LocalLow\Vuze_Remote
    Folder Found C:\Users\olivia\AppData\LocalLow\Vuze_Remote
    Folder Found C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\ConduitCommon
    Folder Found C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\CT2504091
    Folder Found C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\jetpack

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\AppDataLow\Software\Vuze_Remote
    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\BabSolution
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Delta
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
    Key Found : HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\BabSolution
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\Delta
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Found : HKLM\SOFTWARE\Classes\Prod.cap
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Delta
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52A38A61-93C4-4E21-9DF9-4DF7D5D0CCD2}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6AEABAC-5790-4C16-A97B-71FD2DCEC4A1}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-earth_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-earth_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
    Key Found : HKLM\Software\Vuze_Remote
    Key Found : [x64] HKLM\SOFTWARE\DataMngr
    Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B4DE90BB-150D-4B33-95FE-6BAAC97E1C21}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16686


    -\\ Mozilla Firefox v23.0.1 (en-US)

    [ File : C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\prefs.js ]

    Line Found : user_pref("CT2504091..clientLogIsEnabled", false);
    Line Found : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
    Line Found : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
    Line Found : user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
    Line Found : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
    Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_129990558296257215", true);
    Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_1359634298000", true);
    Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_1366636701000", true);
    Line Found : user_pref("CT2504091.BrowserCompStateIsOpen_1367226520000", true);
    Line Found : user_pref("CT2504091.CT2504091.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
    Line Found : user_pref("CT2504091.CTID", "CT2504091");
    Line Found : user_pref("CT2504091.ConfigurationLastCheckTime", "Sat Sep 21 2013 16:33:53 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.CurrentServerDate", "21-9-2013");
    Line Found : user_pref("CT2504091.DSInstall", false);
    Line Found : user_pref("CT2504091.DialogsAlignMode", "LTR");
    Line Found : user_pref("CT2504091.DialogsGetterLastCheckTime", "Sun Sep 15 2013 09:35:41 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.DownloadReferralCookieData", "");
    Line Found : user_pref("CT2504091.EMailNotifierPollDate", "Fri Dec 30 2011 23:15:13 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.FeedLastCount129079840422964131", 0);
    Line Found : user_pref("CT2504091.FeedPollDate128891351169457140", "Fri Dec 30 2011 23:09:45 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.FeedPollDate129079840422964131", "Fri Dec 30 2011 23:09:45 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.FeedTTL128891351169457140", 40);
    Line Found : user_pref("CT2504091.FirstServerDate", "31-12-2011");
    Line Found : user_pref("CT2504091.FirstTime", true);
    Line Found : user_pref("CT2504091.FirstTimeFF3", true);
    Line Found : user_pref("CT2504091.FixPageNotFoundErrors", true);
    Line Found : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
    Line Found : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
    Line Found : user_pref("CT2504091.HPInstall", false);
    Line Found : user_pref("CT2504091.HasUserGlobalKeys", true);
    Line Found : user_pref("CT2504091.HomePageProtectorEnabled", false);
    Line Found : user_pref("CT2504091.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
    Line Found : user_pref("CT2504091.Initialize", true);
    Line Found : user_pref("CT2504091.InitializeCommonPrefs", true);
    Line Found : user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
    Line Found : user_pref("CT2504091.InstallationId", "ConduitNSISIntegration");
    Line Found : user_pref("CT2504091.InstallationType", "ConduitXPEIntegration");
    Line Found : user_pref("CT2504091.InstalledDate", "Fri Dec 30 2011 23:09:45 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.IsAlertDBUpdated", true);
    Line Found : user_pref("CT2504091.IsGrouping", false);
    Line Found : user_pref("CT2504091.IsInitSetupIni", true);
    Line Found : user_pref("CT2504091.IsMulticommunity", false);
    Line Found : user_pref("CT2504091.IsOpenThankYouPage", false);
    Line Found : user_pref("CT2504091.IsOpenUninstallPage", false);
    Line Found : user_pref("CT2504091.LanguagePackLastCheckTime", "Sat Sep 21 2013 21:23:50 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
    Line Found : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
    Line Found : user_pref("CT2504091.LastLogin_3.12.2.3", "Mon Jun 04 2012 16:09:53 GMT+0100 (GMT Daylight Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.13.0.6", "Tue Jul 17 2012 06:45:27 GMT+0100 (GMT Daylight Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.14.1.0", "Tue Aug 21 2012 17:58:45 GMT+0100 (GMT Daylight Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.15.1.0", "Thu Nov 15 2012 20:00:33 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.16.0.100", "Sat Feb 16 2013 16:30:41 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.16.0.3", "Fri Jan 04 2013 19:52:51 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.18.0.7", "Sun Jul 14 2013 15:59:16 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.19.0.3", "Sun Sep 08 2013 09:23:05 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.20.0.4", "Sat Sep 21 2013 21:15:26 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.LastLogin_3.8.1.0", "Fri Dec 30 2011 23:09:46 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.LatestVersion", "3.20.0.4");
    Line Found : user_pref("CT2504091.Locale", "en-us");
    Line Found : user_pref("CT2504091.MCDetectTooltipHeight", "83");
    Line Found : user_pref("CT2504091.MCDetectTooltipShow", false);
    Line Found : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
    Line Found : user_pref("CT2504091.MCDetectTooltipWidth", "295");
    Line Found : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
    Line Found : user_pref("CT2504091.OriginalFirstVersion", "3.8.1.0");
    Line Found : user_pref("CT2504091.SearchAPILastCheckTime", "Sat Sep 21 2013 16:33:53 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.SearchCaption", "Web Search");
    Line Found : user_pref("CT2504091.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
    Line Found : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
    Line Found : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=");
    Line Found : user_pref("CT2504091.SearchInNewTabEnabled", true);
    Line Found : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
    Line Found : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Sun Sep 08 2013 03:00:37 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
    Line Found : user_pref("CT2504091.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
    Line Found : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
    Line Found : user_pref("CT2504091.SearchProtectorEnabled", false);
    Line Found : user_pref("CT2504091.SearchProtectorToolbarDisabled", false);
    Line Found : user_pref("CT2504091.SendProtectorDataViaLogin", true);
    Line Found : user_pref("CT2504091.ServiceMapLastCheckTime", "Sat Sep 21 2013 16:33:53 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.SettingsLastCheckTime", "Sat Sep 21 2013 22:00:41 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.SettingsLastUpdate", "1379751142");
    Line Found : user_pref("CT2504091.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2504091&SearchSource=13");
    Line Found : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
    Line Found : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Fri Dec 30 2011 23:09:44 GMT+0000 (GMT Standard Time)");
    Line Found : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");
    Line Found : user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
    Line Found : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2504091");
    Line Found : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
    Line Found : user_pref("CT2504091.UserID", "UN71180387453174649");
    Line Found : user_pref("CT2504091.ValidationData_Toolbar", 2);
    Line Found : user_pref("CT2504091.alertChannelId", "897164");
    Line Found : user_pref("CT2504091.approveUntrustedApps", false);
    Line Found : user_pref("CT2504091.autoDisableScopes", -1);
    Line Found : user_pref("CT2504091.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B474953462D584D503D263F2D2E3135443B464E4F5B565E695B426D6265523B544243464959505B637D737B6E55217578654E675[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426D62455E69543D56444643465B525D66716C216E6B587D73675[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e-x305", "247E29327641363937333545397E3F493B2F77317E202520362D3842474A58515A5C585D505F593964595C49324B393A3F395047525C4173686B6965677B796F6D7B6E552175785926766[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e.:2z527", "2423");
    Line Found : user_pref("CT2504091.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F564654524C474A595A4851505E51523964595C49324B393C3B3E5047525D6C6A6B6F786D68506A6F7171742256227679664F6[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C4343534E2D585B3C253E2C302E34433A45515862695E675A416C6164513A5341454348584F5A666D7B7C7174726E702174745B2[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e06cg5el8:", "6E6D6A6C6E6B74746E70");
    Line Found : user_pref("CT2504091.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473707274717A7A7476242F4B49474F42357D5D5C3D");
    Line Found : user_pref("CT2504091.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E41295547484D515A4E5A59325D5255422B443237303749404B585E685E706E6E6674626E696B4D786D705D465F4D524B51645B66732[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473E454745482F5A4F523F2841302D2F33463D48566265685C6B675F6D70604873686B58415A4946484B5F56616F7C217D74747[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D3229344356554E472E594E51325E4F412A4335373231483F4A59655F5F626C5B717369756975744D786D70517E6B60496252505451675[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e31;cjeik4!la$=h", "247E61393F236B25767179722A212C6E414F444D327A34515557402D584D3049543F364124615651595457514A334C282E4F46513460616A563F58475A515C696D746049686[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352C37474B59574B4A4858584E5E3762573A535E49324B3A3D3F3B504752626C625D75786D766A7C517C7174614A63525557526[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426D6265523B544346494A59505B6C697A7E21702370765925797[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D49564A50592E594E314A55402942322E332F473E495B5D595A6A5E58707262674974696C59425B4B474B51605762747C2473737[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B364953545259585A5A50524E36615659462F4838353D3C4D444F626C6D6B72716A77614D786D705D465F4F4C5451645B66797[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347513F445559424C5A315C5154412A4333323037483F4A5E68565B5970606E6C666164734C776C6F5C455E4E4D4B51635A6579247[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E782332293449565540472E594E513E274030323533453C475C5558636A656E625E6C616B7068734B766B6E5B445D4D4F524F6259647927767[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4F44504C4754585C5048345F5457442D46373135344B424D636B5D5F5F73696B4A756A6D5A435C4D474B4961586379226F742[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A30273249485545442C574C4F3C253E2F2A2D2D433A455C67555B5E3F6A5F624F3851423D403F564D586F7A68786C717154207477644D66575[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354D462C574C4F3C253E2F2B2B31433A455D6356575C5C5A416C6164513A5344404045584F5A7273717A786D2256227679664F6[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352C37504C4757514B4F47345F5457442D4637343A3A4B424D665E705B646571634A756A6D5A435C4D4A504F6158637C7179207[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B36505459574C554F515B345F5457442D46373637384B424D676B706E606F61666B63664D786D705D465F504F5050645B66212[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A35504F5346482F5A4F523F28413233342F463D48635C5D66626A436E6366533C55464748425A515C77707773202371215925797[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3652504C5249555256525C35605558452E47383B38364C434E6A706F5F65635D736F677578684C65706B54207477644D66575[...]
    Line Found : user_pref("CT2504091.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2A554A2D46513C253E302B332C433A45626756516259655F5F436E63465F6A553E5749444C445C535E7B21747C7821745A267[...]
    Line Found : user_pref("CT2504091.countryCode", "GB");
    Line Found : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
    Line Found : user_pref("CT2504091.homepageProtectorEnableByLogin", true);
    Line Found : user_pref("CT2504091.initDone", true);
    Line Found : user_pref("CT2504091.myStuffEnabled", true);
    Line Found : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
    Line Found : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
    Line Found : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
    Line Found : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
    Line Found : user_pref("CT2504091.revertSettingsEnabled", true);
    Line Found : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
    Line Found : user_pref("CT2504091.searchProtectorEnableByLogin", true);
    Line Found : user_pref("CT2504091.testingCtid", "");
    Line Found : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Sat Sep 21 2013 16:33:53 GMT+0100 (GMT Standard Time)");
    Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2504091/CT2504091", "\"6c01100c80ffc769b4148f07ca1ee53e3\"");
    Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", "\"1367226812\"");
    Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
    Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"fc14279192a093fcc176db756792a37c\"");
    Line Found : user_pref("CommunityToolbar.globalUserId", "7f2fbfc4-0caa-4cb5-a835-4a21363a07f8");

    -\\ Google Chrome v

    [ File : C:\Users\olivia\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [23668 octets] - [21/09/2013 22:03:08]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [23729 octets] ##########
  • debitcardmayhem
    debitcardmayhem Posts: 13,282 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    I would say yes ,and then run DDS,from here http://download.bleepingcomputer.com/sUBs/dds.com and post the log, but if in doubt wait a bit for an expert for a more in depth view
    4.8kWp 12x400W Longhi 9.6 kWh battery Giv-hy 5.0 Inverter, WSW facing Essex . Aint no sunshine ☀️ Octopus gas fixed dec 24 @ 5.74 tracker again+ Octopus Intelligent Flux leccy
  • scotty1971
    scotty1971 Posts: 1,732 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    NTFS_AMD64
    Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.25.2
    Run by olivia at 23:57:02 on 2013-09-21
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4009.2099 [GMT 1:00]
    .
    AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
    .
    Running Processes
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
    C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Fujitsu\PSUtility\PSUService.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
    C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Windows\vsnp2uvc.exe
    C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
    C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    Pseudo HJT Report
    .
    uStart Page = hxxp://www.mozilla.co.uk/
    uDefault_Page_URL = hxxp://ts.fujitsu.com
    mWinlogon: Userinit = userinit.exe,
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    mRun: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
    mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
    mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
    dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    StartupFolder: C:\Users\olivia\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{B958FAE9-6468-42A6-85AD-14BDAF37849A} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{B958FAE9-6468-42A6-85AD-14BDAF37849A}\3416D6075737E45647F5C4962633 : DHCPNameServer = 139.153.30.1 139.153.30.2
    TCP: Interfaces\{B958FAE9-6468-42A6-85AD-14BDAF37849A}\3416D6075737E45647F5C4962643 : DHCPNameServer = 139.153.30.1 139.153.30.2
    TCP: Interfaces\{B958FAE9-6468-42A6-85AD-14BDAF37849A}\6596379647F627E45647 : DHCPNameServer = 139.153.30.1 139.153.30.2
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    x64-Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    x64-Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
    x64-Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
    x64-Run: [PfNet] "C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe" /r
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    x64-Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
    x64-Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
    x64-Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
    x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    FIREFOX
    .
    FF - ProfilePath - C:\Users\olivia\AppData\Roaming\Mozilla\Firefox\Profiles\qw9fol7h.default\
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
    FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\System32\drivers\FBIOSDRV.sys [2010-11-15 21104]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
    R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-1-14 54368]
    R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
    R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [?]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-3 983104]
    R2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-7 331776]
    R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2011-5-7 63336]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-24 2656280]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2010-11-4 58128]
    R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-15 327168]
    R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\System32\drivers\fuj02e3.sys [2010-10-12 7296]
    R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-5-2 317440]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-3-24 25496]
    R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-1-14 29016]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-1-14 29528]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-5-7 245792]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-1-17 412776]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-3-24 34200]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-31 1255736]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128]
    S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

    .
    2013-09-21 21:03:02
    d
    w- C:\AdwCleaner
    2013-09-21 15:33:14
    d
    w- C:\Program Files (x86)\FreeHDSport.TV
    2013-09-21 15:33:08
    d
    w- C:\Program Files (x86)\VipBoxSportsApp.com
    2013-09-21 13:20:41
    d
    w- C:\Users\olivia\AppData\Local\cache
    2013-09-21 13:12:03
    d
    w- C:\ProgramData\VTech
    2013-09-21 13:12:03
    d
    w- C:\Program Files (x86)\VTech
    2013-09-18 18:15:29
    d
    w- C:\Users\olivia\AppData\Local\{7F7931EF-F99E-4AB7-8D26-16E40BAE2E05}
    2013-09-12 22:34:16 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
    2013-09-11 07:14:34
    d
    w- C:\Users\olivia\AppData\Roaming\RealNetworks
    2013-09-11 07:13:59
    d
    w- C:\Program Files (x86)\RealNetworks
    2013-09-11 07:13:58
    d
    w- C:\ProgramData\RealNetworks
    2013-09-11 07:09:27
    d
    w- C:\Program Files (x86)\Common Files\xing shared
    2013-08-24 07:42:20
    d
    w- C:\Users\olivia\AppData\Local\{AFA6341C-5AB6-4334-9E89-347B0C0E3507}
    .
    ==================== Find3M ====================
    .
    2013-09-11 10:04:01 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-09-11 10:04:01 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-09-11 07:09:03 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2013-09-11 07:09:03 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
    2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
    2013-08-07 22:54:02 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
    2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
    2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
    2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
    2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
    2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
    2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-06-25 19:44:43 54368 ----a-w- C:\Windows\System32\drivers\kltdi.sys
    2013-06-25 19:44:43 178448 ----a-w- C:\Windows\System32\drivers\kneps.sys
    2013-06-25 19:44:42 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    DDS log is fine now.

    The mbam log clearly showed all PUP.Optional.family.variant They are just bundled PUP's. No need to deploy a powerfull tool such as combofix on this occasion. See here: http://blog.malwarebytes.org/news/2013/07/malwarebytes-adopts-aggressive-pup-policy/

    No doubt bundled when you installed these:
    2013-09-21 15:33:14
    d
    w- C:\Program Files (x86)\FreeHDSport.TV
    2013-09-21 15:33:08
    d
    w- C:\Program Files (x86)\VipBoxSportsApp.com

    https://www.virustotal.com/en/file/2e72a05f1c9e9ba16081effd7677c18478544d001d342febae0486fb61c5be1a/analysis/1379838612/
    https://www.virustotal.com/en/file/479f2cd0bf15f76ef3e57ff0a1c06b6aeb33bff0d6f8bda666d95b4df7e1fa7b/analysis/1379838689/

    Uninstall them.
  • scotty1971
    scotty1971 Posts: 1,732 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    waddler_8 wrote: »
    DDS log is fine now.

    The mbam log clearly showed all PUP.Optional.family.variant They are just bundled PUP's. No need to deploy a powerfull tool such as combofix on this occasion. See here: http://blog.malwarebytes.org/news/2013/07/malwarebytes-adopts-aggressive-pup-policy/

    No doubt bundled when you installed these:



    https://www.virustotal.com/en/file/2e72a05f1c9e9ba16081effd7677c18478544d001d342febae0486fb61c5be1a/analysis/1379838612/
    https://www.virustotal.com/en/file/479f2cd0bf15f76ef3e57ff0a1c06b6aeb33bff0d6f8bda666d95b4df7e1fa7b/analysis/1379838689/

    Uninstall them.


    thats exactly when they were installed thanks
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352.9K Banking & Borrowing
  • 253.9K Reduce Debt & Boost Income
  • 454.7K Spending & Discounts
  • 246K Work, Benefits & Business
  • 602.1K Mortgages, Homes & Bills
  • 177.8K Life & Family
  • 259.9K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture