Jump to content


Photo
- - - - -

I'M infected What do i do


  • This topic is locked This topic is locked
13 replies to this topic

#1 jtd22311

jtd22311

    New Member

  • Members
  • Pip
  • 20 posts
  • Gender:Male

Posted 30 August 2013 - 03:05 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.28.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
joe :: JOE-PC [administrator]

8/30/2013 3:10:18 PM
MBAM-log-2013-08-30 (15-34-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223232
Time elapsed: 12 minute(s), 30 second(s)

Memory Processes Detected: 3
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> 7324 -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> 13284 -> No action taken.
C:\Program Files (x86)\lucky leap\updateluckyleap.exe (PUP.Optional.LuckyLeap.A) -> 13368 -> No action taken.

Memory Modules Detected: 7
C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.

Registry Keys Detected: 11
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> No action taken.
HKCR\IESmartBar.BHO (PUP.Optional.QuickShare.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> No action taken.
HKCR\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.Smart) -> No action taken.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.Smart) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.SearchProtect.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> No action taken.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Update lucky leap (PUP.Optional.LuckyLeap.A) -> No action taken.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.

Registry Values Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtectAll (PUP.Optional.SearchProtect.A) -> Data: C:\Program Files (x86)\SearchProtect\bin\cltmng.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtect (PUP.Optional.SearchProtect.A) -> Data: C:\Users\joe\AppData\Roaming\SearchProtect\bin\cltmng.exe -> No action taken.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {40DA9508-119B-11E3-85B4-705AB6E8F99A} -> No action taken.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {40DA9508-119B-11E3-85B4-705AB6E8F99A} -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 23
C:\Program Files (x86)\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> No action taken.

Files Detected: 110
C:\Users\joe\AppData\Local\Temp\Czje6PdC.exe.part (PUP.Optional.AirInstaller) -> No action taken.
C:\Users\joe\AppData\Local\Temp\DownloadManager2.exe (PUP.Optional.Smart) -> No action taken.
C:\Users\joe\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> No action taken.
C:\Users\joe\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Users\joe\AppData\Local\Temp\Shortcut_0_Offer_1.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Users\joe\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\SweetIMInstallValidator.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ct3310511\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ct3310511\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ct3310511\ffLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ct3310511\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ct3310511\spch.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ct3310511\spff.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ct3310511\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\AppData\Local\Temp\ct3310511\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\Downloads\ie10.exe (PUP.Optional.Smart) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\31P1AC2M\Installer[1].exe (PUP.Optional.SmartBar.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\31P1AC2M\LuckyLeap_cb[1].exe (PUP.Optional.LuckyLeap.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\31P1AC2M\SweetPacks[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\31P1AC2M\SweetPacks_wpf[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\EU4G20IF\filesfrog-distribution[1].exe (PUP.Optional.Somoto.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\EU4G20IF\SPChecker[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\EU4G20IF\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\ILOUGFFH\bundlesweetimsetup[1].exe (PUP.Optional.SweetIM) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\ILOUGFFH\mgsqlite3[1].7z (PUP.Optional.SweetIM) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\ILOUGFFH\Setup[1].exe (PUP.Optional.LuckyLeap.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\MGEIFUQ2\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\joe\Local Settings\Temporary Internet Files\Content.IE5\MGEIFUQ2\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\msvcp100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\msvcr100.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\rep.dat (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Users\joe\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\searchProtectorData (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files (x86)\lucky leap\updateluckyleap.exe (PUP.Optional.LuckyLeap.A) -> No action taken.

(end)DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer:   BrowserJavaVersion: 10.25.2
Run by joe at 14:43:43 on 2013-08-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.1978.527 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2013 Deluxe\Planner\PLNRnote.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Users\joe\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\joe\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
C:\Program Files (x86)\lucky leap\updateluckyleap.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\SearchProtocolHost.exe
c:\program files (x86)\real\realplayer\RealPlay.exe
C:\Windows\system32\SearchFilterHost.exe
c:\program files (x86)\real\realplayer\RealPlay.exe
c:\program files (x86)\real\realplayer\RealPlay.exe
c:\program files (x86)\real\realplayer\RealPlay.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
c:\program files (x86)\real\realplayer\RealPlay.exe
c:\program files (x86)\real\realplayer\RealPlay.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uWindow Title = Internet Explorer, enhanced for Bing and MSN
uURLSearchHooks: UsProvider Class: {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Minibar.dll
mURLSearchHooks: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: MinibarBHO: {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn8\yt.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
uRun: [HP Deskjet 3510 series (NET)] "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN35A1HHPV05Y7:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SearchProtect] C:\Users\joe\AppData\Roaming\SearchProtect\bin\cltmng.exe
uRun: [ConduitFloatingPlugin_banjjklfojcdbofbhbgiedekefohoaff] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3310511\plugins\TBVerifier.dll",RunConduitFloatingPlugin banjjklfojcdbofbhbgiedekefohoaff
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [BkupTray] "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
dRun: [SearchProtect] C:\Windows\System32\config\systemprofile\AppData\Roaming\SearchProtect\bin\cltmng.exe
StartupFolder: C:\Users\joe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\Users\joe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EVENTP~1.LNK - C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2013 Deluxe\Planner\PLNRnote.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\Minibar.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{36A876DE-67F3-463D-B944-4354CA4EAAB6} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{36A876DE-67F3-463D-B944-4354CA4EAAB6}\241697D6F6E64773 : DHCPNameServer = 8.8.8.8 208.67.222.222
TCP: Interfaces\{36A876DE-67F3-463D-B944-4354CA4EAAB6}\4414953594E4E4D2341424C45403 : DHCPNameServer = 24.116.2.34
TCP: Interfaces\{36A876DE-67F3-463D-B944-4354CA4EAAB6}\4414953594E4E4D2341424C45413 : DHCPNameServer = 24.116.2.34
TCP: Interfaces\{36A876DE-67F3-463D-B944-4354CA4EAAB6}\4414953594E4E4D2341424C45423 : DHCPNameServer = 24.116.2.34
TCP: Interfaces\{36A876DE-67F3-463D-B944-4354CA4EAAB6}\469607960707F6 : DHCPNameServer = 192.168.2.1 68.94.156.1 68.94.157.1
TCP: Interfaces\{36A876DE-67F3-463D-B944-4354CA4EAAB6}\D4963627F64756C6 : DHCPNameServer = 68.111.16.30 68.111.16.25
TCP: Interfaces\{3A4EECE8-BA29-4918-A214-008192801A81} : DHCPNameServer = 198.6.1.1 204.117.214.10
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - <Clsid value has no data>
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [MouseDriver] TiltWheelMouse.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - <Clsid value has no data>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\

FF - prefs.js: browser.search.selectedEngine - SweetPacks Customized Web Search


FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\joe\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\extensions\{f84db37a-ae6f-423b-9f51-14b5ec10c879}\plugins\np-mswmp.dll
FF - plugin: C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\extensions\{f84db37a-ae6f-423b-9f51-14b5ec10c879}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-07-29 15:17; lrcsing@DNMard.net; C:\Program Files (x86)\LyricSing\125.xpi
FF - ExtSQL: 2013-08-15 09:16; avg@toolbar; C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2
FF - ExtSQL: 2013-08-17 13:07; firefox@webconnect.co; C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\extensions\firefox@webconnect.co.xpi
FF - ExtSQL: 2013-08-18 11:04; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: 2013-08-29 23:34; firefox@luckyleap.net; C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\extensions\firefox@luckyleap.net.xpi
FF - ExtSQL: 2013-08-30 01:35; firefox@passwordbox.com; C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\extensions\firefox@passwordbox.com.xpi
FF - ExtSQL: 2013-08-30 13:25; {f84db37a-ae6f-423b-9f51-14b5ec10c879}; C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\extensions\{f84db37a-ae6f-423b-9f51-14b5ec10c879}
FF - ExtSQL: 2013-08-30 13:41; {7e8a1050-cf67-4575-92df-dcc60e7d952d}; C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}
FF - ExtSQL: !HIDDEN! 2010-08-28 21:01; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2013-08-30 17:52:23    --------    d-----w-    C:\Program Files (x86)\Minibar
2013-08-30 17:51:58    --------    d-----w-    C:\Users\joe\AppData\Local\WebPlayer
2013-08-30 17:50:28    --------    d-----w-    C:\Users\joe\AppData\Local\Minibar
2013-08-30 17:44:12    --------    d-----w-    C:\Program Files (x86)\lucky leap
2013-08-30 17:43:02    --------    d-----w-    C:\Program Files (x86)\SweetPacks
2013-08-30 17:41:31    --------    d-----w-    C:\Program Files (x86)\SearchProtect
2013-08-30 17:40:37    --------    d-----w-    C:\Windows\SysWow64\WNLT
2013-08-30 05:17:18    --------    d-----w-    C:\Program Files (x86)\ESET
2013-08-28 15:41:33    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-08-28 15:41:33    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-25 14:30:40    17139080    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-08-18 18:33:05    1054720    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2013-08-18 18:31:59    599552    ----a-w-    C:\Windows\System32\vbscript.dll
2013-08-17 22:31:17    --------    d-----w-    C:\Users\joe\AppData\Local\avgchrome
2013-08-16 19:41:55    0    ----a-w-    C:\Windows\SysWow64\sho5C59.tmp
2013-08-16 18:34:49    --------    d-----w-    C:\Windows\System32\MRT
2013-08-15 20:20:51    --------    d-----w-    C:\Users\joe\AppData\Roaming\QuickScan
2013-08-15 20:18:30    --------    d-----w-    C:\Users\joe\AppData\Roaming\OpswatLogs
2013-08-15 20:17:38    --------    d-----w-    C:\temp
2013-08-15 20:16:27    --------    d-----w-    C:\Program Files (x86)\Common Files\supportsoft
2013-08-15 14:06:27    1472512    ----a-w-    C:\Windows\System32\crypt32.dll
2013-08-15 14:06:26    224256    ----a-w-    C:\Windows\System32\wintrust.dll
2013-08-15 14:06:26    1166848    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-08-15 14:06:25    175104    ----a-w-    C:\Windows\SysWow64\wintrust.dll
2013-08-15 14:06:24    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-08-15 14:06:23    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-08-15 14:06:23    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-08-15 14:06:23    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-08-15 13:55:58    39936    ----a-w-    C:\Windows\System32\drivers\tssecsrv.sys
2013-08-15 13:55:56    1910208    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-08-08 01:21:04    --------    d-----w-    C:\Windows\SysWow64\searchplugins
.
==================== Find3M  ====================
.
2013-08-25 14:32:11    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-25 14:32:11    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-18 18:31:58    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-08-18 18:31:58    173568    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-08-18 18:31:54    13824    ----a-w-    C:\Windows\System32\mshta.exe
2013-08-18 18:31:53    51200    ----a-w-    C:\Windows\System32\imgutil.dll
2013-08-18 18:31:50    135680    ----a-w-    C:\Windows\System32\IEAdvpack.dll
2013-08-18 18:31:47    92160    ----a-w-    C:\Windows\System32\SetIEInstalledDate.exe
2013-08-18 18:31:46    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-08-18 18:31:45    48640    ----a-w-    C:\Windows\System32\mshtmler.dll
2013-08-18 18:31:45    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-08-18 18:31:44    77312    ----a-w-    C:\Windows\System32\tdc.ocx
2013-08-15 13:14:26    45856    ----a-w-    C:\Windows\System32\drivers\avgtpx64.sys
2013-07-30 13:56:33    0    ----a-w-    C:\Windows\SysWow64\sho98B6.tmp
2013-07-25 09:25:54    1888768    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27    1620992    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-21 18:55:58    0    ----a-w-    C:\Windows\SysWow64\sho915A.tmp
2013-07-20 05:51:00    311608    ----a-w-    C:\Windows\System32\drivers\avgloga.sys
2013-07-20 05:50:56    71480    ----a-w-    C:\Windows\System32\drivers\avgidsha.sys
2013-07-20 05:50:56    246072    ----a-w-    C:\Windows\System32\drivers\avgidsdrivera.sys
2013-07-20 05:50:50    206648    ----a-w-    C:\Windows\System32\drivers\avgldx64.sys
2013-07-19 01:58:42    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-07-19 01:41:01    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-07-10 05:32:38    45880    ----a-w-    C:\Windows\System32\drivers\avgrkx64.sys
2013-07-09 06:03:30    5550528    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22    1732032    ----a-w-    C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12    243712    ----a-w-    C:\Windows\System32\wow64.dll
2013-07-09 05:51:16    1217024    ----a-w-    C:\Windows\System32\rpcrt4.dll
2013-07-09 05:03:34    3968960    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34    3913664    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47    1292192    ----a-w-    C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33    663552    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2013-07-09 04:45:07    44032    ----a-w-    C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2013-07-05 14:15:20    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-05 14:15:18    867240    ----a-w-    C:\Windows\SysWow64\npdeployJava1.dll
2013-07-05 14:15:18    789416    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-07-01 05:45:28    116536    ----a-w-    C:\Windows\System32\drivers\avgmfx64.sys
2013-06-20 23:25:26    499712    ----a-w-    C:\Windows\SysWow64\msvcp71.dll
2013-06-20 23:25:26    348160    ----a-w-    C:\Windows\SysWow64\msvcr71.dll
2013-06-15 12:14:00    0    ----a-w-    C:\Windows\SysWow64\sho5716.tmp
2013-06-14 00:01:45    0    ----a-w-    C:\Windows\SysWow64\sho3854.tmp
2013-06-13 18:40:00    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2013-06-13 18:39:59    458712    ----a-w-    C:\Windows\System32\drivers\cng.sys
2013-06-13 18:39:59    340992    ----a-w-    C:\Windows\System32\schannel.dll
2013-06-13 18:39:59    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2013-06-13 18:39:59    154480    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2013-06-13 18:39:59    1448448    ----a-w-    C:\Windows\System32\lsasrv.dll
2013-06-13 18:39:55    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-06-13 18:38:15    514560    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2013-06-13 18:38:15    366592    ----a-w-    C:\Windows\System32\qdvd.dll
2013-06-05 03:34:27    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-06-04 06:00:13    624128    ----a-w-    C:\Windows\System32\qedit.dll
2013-06-04 04:53:07    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2012-07-14 21:33:12    4024320    ----a-w-    C:\Program Files (x86)\GUT5300.tmp
.
============= FINISH: 14:47:36.58 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/15/2010 9:26:48 AM
System Uptime: 8/30/2013 8:42:02 AM (6 hours ago)
.
Motherboard: Acer             |  | Aspire 5334     
Processor: Intel® Celeron® CPU          900  @ 2.20GHz | uPGA-478 | 2194/200mhz
.
==== Disk Partitions =========================
.
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709a
Acer Backup Manager
Acer ePower Management
Acer eRecovery Management
Acer Game Console
Acer Games
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Advanced SystemCare 6
Amazon Kindle
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
ATT-PRT22
AVG 2013
AVG Security Toolbar
Backup Manager Basic
Bejeweled 2 Deluxe
Bing Rewards Client Installer
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Build-a-lot 2
CCleaner
Cisco Connect
Compatibility Pack for the 2007 Office system
CyberLink PowerDVD 9
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DocMgr
DocProc
eBay Worldwide
Faerie Solitaire
FATE - The Traitor Soul
Fax
Google Earth
Google Update Helper
GPBaseService2
Hallmark Card Studio 2013 Deluxe
HP Customer Participation Program 13.0
HP Deskjet 3510 series Basic Device Software
HP Deskjet 3510 series Help
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Officejet 6500 E709 Series
HP Photosmart Essential 3.5
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
Identity Card
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Rapid Storage Technology
InternetHelper3.1 Toolbar
IObit Malware Fighter
iSEEK AnswerWorks English Runtime
Java 7 Update 25
Java Auto Updater
Jewel Quest Solitaire 3
Junk Mail filter update
Launch Manager
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office Home and Student 2010 - English
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft UI Engine
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Monopoly
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
MyWinLocker Suite
Network64
NOOK for PC
NTI Backup Now 5
NTI Backup Now Standard
OCR Software by I.R.I.S. 13.0
Penguins!
Plants vs. Zombies
ProductContext
Quicken 2007
Quicken 2011
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Scan
Scrabble Plus
Search Protect by conduit
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shredder
Smart Defrag 2
SmartWebPrinting
SolutionCenter
Status
Synaptics Pointing Device Driver
The Price is Right
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Virtual Families
Virtual Villagers - A New Home
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
WebReg
WebSlingPlayer ActiveX
Welcome Center
Widevine Media Transformer Plugin 5.0.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! BrowserPlus 2.9.8
Yahoo! Install Manager
Yahoo! Software Update
Yahoo! Toolbar
Yahtzee
Zuma Deluxe
.
==== End Of File ===========================


 



#2 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,405 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 30 August 2013 - 05:47 PM

Hello jtd22311 and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:
  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall the following applications:

AVG Security Toolbar
Search Protect by conduit



Step 2

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.



In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#3 jtd22311

jtd22311

    New Member

  • Members
  • Pip
  • 20 posts
  • Gender:Male

Posted 06 September 2013 - 01:50 PM

Trying now



#4 jtd22311

jtd22311

    New Member

  • Members
  • Pip
  • 20 posts
  • Gender:Male

Posted 06 September 2013 - 02:08 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.8 (09.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by joe on Fri 09/06/2013 at 14:46:56.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\Tasks\LyricsSing Update.job
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/06/2013 at 14:56:30.88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#5 jtd22311

jtd22311

    New Member

  • Members
  • Pip
  • 20 posts
  • Gender:Male

Posted 06 September 2013 - 02:15 PM

# AdwCleaner v3.002 - Report created 06/09/2013 at 15:11:09
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : joe - JOE-PC
# Running from : C:\Users\joe\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\jetpack
Folder Deleted : C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\CT3279415
Folder Deleted : C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\Extensions\{5373a31d-9410-45e2-b299-4f61428f0be4}
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Secure Search
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Mozilla Firefox v23.0.1 (en-US)
 
[ File : C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\chshz1ia.default-1376837563465\prefs.js ]
 
Line Deleted : user_pref("CT3279415.FF19Solved", "true");
Line Deleted : user_pref("CT3279415.UserID", "UN39496106142284822");
Line Deleted : user_pref("CT3279415.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3279415.fullUserID", "UN39496106142284822.IN.20130831150618");
Line Deleted : user_pref("CT3279415.installDate", "31/08/2013 15:06:20");
Line Deleted : user_pref("CT3279415.installSessionId", "{4646DFDE-753D-4CB4-BCC6-8E2BCB0A1926}");
Line Deleted : user_pref("CT3279415.installSp", "TRUE");
Line Deleted : user_pref("CT3279415.installUsage", "01/09/2013 14:38:16");
Line Deleted : user_pref("CT3279415.installUsageEarly", "01/09/2013 14:38:16");
Line Deleted : user_pref("CT3279415.installerVersion", "1.6.1.2");
Line Deleted : user_pref("CT3279415.keyword", "true");
Line Deleted : user_pref("CT3279415.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3279415.originalSearchEngine", "");
Line Deleted : user_pref("CT3279415.originalSearchEngineName", "");
Line Deleted : user_pref("CT3279415.searchRevert", "false");
Line Deleted : user_pref("CT3279415.searchUserMode", "2");
Line Deleted : user_pref("CT3279415.versionFromInstaller", "10.19.2.5");
Line Deleted : user_pref("CT3279415.xpeMode", "0");
 
[ File : C:\Users\joe\AppData\Roaming\Mozilla\Firefox\Profiles\zarymqg5.default\prefs.js ]
 
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\joe\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
Deleted : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [45366 octets] - [30/08/2013 21:04:49]
AdwCleaner[R1].txt - [4872 octets] - [31/08/2013 11:05:05]
AdwCleaner[R2].txt - [3460 octets] - [06/09/2013 15:09:48]
AdwCleaner[S0].txt - [44676 octets] - [30/08/2013 21:05:44]
AdwCleaner[S1].txt - [4857 octets] - [31/08/2013 11:48:28]
AdwCleaner[S2].txt - [3282 octets] - [06/09/2013 15:11:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3342 octets] ##########


#6 jtd22311

jtd22311

    New Member

  • Members
  • Pip
  • 20 posts
  • Gender:Male

Posted 06 September 2013 - 02:30 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.06.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
joe :: JOE-PC [administrator]
 
9/6/2013 3:19:54 PM
mbam-log-2013-09-06 (15-19-54).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223057
Time elapsed: 7 minute(s), 51 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 2
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#7 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,405 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 07 September 2013 - 06:05 AM

How are things now? :)
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#8 jtd22311

jtd22311

    New Member

  • Members
  • Pip
  • 20 posts
  • Gender:Male

Posted 09 September 2013 - 02:41 PM

How can I remove Advanced SystemCare 6?  

 

It seems conduit malware has disappeared.  Along with a few other web browser redirects are now not appearing!



#9 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,405 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 10 September 2013 - 04:07 AM

Just uninstall it as every other program.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#10 jtd22311

jtd22311

    New Member

  • Members
  • Pip
  • 20 posts
  • Gender:Male

Posted 11 September 2013 - 08:59 AM

It appears to  be gone.  Thanks



#11 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,405 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 11 September 2013 - 09:53 AM

Glad I could help! :)

Step 1
  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Some malware prevention tips:
users.telenet.be/bluepatchy/miekiemoes/prevention.html


Safe surfing! :)
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#12 jtd22311

jtd22311

    New Member

  • Members
  • Pip
  • 20 posts
  • Gender:Male

Posted 11 September 2013 - 11:42 AM

Thanks again for your help.

 

Happy surfing to you



#13 Maniac

Maniac

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 21,405 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 11 September 2013 - 11:44 AM

You're welcome! :)
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#14 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,236 posts
  • Gender:Male
  • Location:US

Posted 16 September 2013 - 07:21 PM

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users