CloseProcesses:
CreateRestorePoint:
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
C:\Program Files (x86)\Lavasoft\Web Companion
FirewallRules: [{CA42D759-A5E4-4028-8A11-8F70501511C4}] => (Allow) C:\Users\TonyO\AppData\Local\Temp\nstBDD3.tmp\Installer-75984393.exe
FirewallRules: [{F3FCC906-4262-4A61-998F-A37608ABB867}] => (Allow) C:\Users\TonyO\AppData\Local\Temp\nstBDD3.tmp\Installer-75984393.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-664253536-2428268681-3679085427-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1445648 2015-12-22] (Lavasoft)
HKU\S-1-5-21-664253536-2428268681-3679085427-1001\...\MountPoints2: {86091af8-78ae-11e5-9bcc-f065dd647e32} - "E:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-664253536-2428268681-3679085427-1001\...\MountPoints2: {86091f36-78ae-11e5-9bcc-f065dd647e32} - "E:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-664253536-2428268681-3679085427-1001\...\MountPoints2: {d4a72161-07fa-11e5-9886-f065dd647e32} - "E:\VZW_Software_upgrade_assistant.exe"
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-664253536-2428268681-3679085427-1001 -> DefaultScope {FC9E205A-0FE1-49AC-A7C3-026D8877239F} URL =
SearchScopes: HKU\S-1-5-21-664253536-2428268681-3679085427-1001 -> {A1ABB554-EED7-4C94-A891-5D622B2A1F61} URL =
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKU\S-1-5-21-664253536-2428268681-3679085427-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Homepage: hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghHJlwBBwhEGBgSdAsLTA1CGQAOeQEAVRQQQgUVJggJUl9BGQUFIk0FA18DB0VXfWFoKB8fHHdPIUNdE30UQFlQ
FF user.js: detected! => C:\Users\TonyO\AppData\Roaming\Mozilla\Firefox\Profiles\1aduwhcj.default\user.js [2015-10-02]
FF Extension: ADB Helper - C:\Users\TonyO\AppData\Roaming\Mozilla\Firefox\Profiles\1aduwhcj.default\Extensions\adbhelper@mozilla.org [2015-11-13]
FF Extension: Yahoo! Toolbar - C:\Users\TonyO\AppData\Roaming\Mozilla\Firefox\Profiles\1aduwhcj.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2016-01-03]
FF Extension: Blazer Deals - C:\Users\TonyO\AppData\Roaming\Mozilla\Firefox\Profiles\1aduwhcj.default\Extensions\{79641bb2-aadb-4a4c-bb66-863556c04fa9}.xpi [2015-10-02] [not signed]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-12-22] (Lavasoft Limited)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2015-12-22] ()
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
RemoveProxy:
hosts:
Emptytemp: