kingp43

Hmm... computer is about 6 months old. Anyways, thank you so much for your help, it really is appreciated. Every time MWB has been awesome about helping get my computer straightened out, and I've always felt obligated to buy, subscribe, or whatever. so anyways, subscription incoming haha. And Aura, a special thank you to you as well. I appreciate your time.

Hmm... yep. I did this time. I thought I did last time, but when i checked quarantine, it didn't show anything. Likely user error I guess hehe. So, I'm guessing I'm prob good to go eh? Any info on what was going on? I don't think I really did anything differently lately to acquire something. Was this something I've downloaded accidentally? I know there's a thousand ways for crap to get on your computer, just curious to help prevent future infection.

Addition.txt FRST.txt malwarescan.txt

So just over the last day or two, I've been getting a pop up that is trying to install an exe. I could just be browsing the internet and it pops up prompting me to ok the install. Not sure if malwarebytes has always been subscription and my sub expired? I've used you guys off and on for years, fortunately not for quite some time. Anyways... I keep clicking no to not install this exe, and downloaded a trial again of malwarebytes. It didn't come up with anything, but the next time I got the pop up, MWB blocked it. this is what it says, prob not doing this right heh. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/18/17 Protection Event Time: 11:46 AM Log File: Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.160 Update Package Version: 1.0.2614 License: Trial -System Information- OS: Windows 10 (Build 15063.540) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Domain: sync.malwareprotectionlive.com IP Address: 52.24.129.36 Port: [58974] Type: Outbound File: C:\Users\kingp\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe (end)

I reset chrome and was still having the same problem. I un-installed chrome and re-installed, and now everything seems to be working normally. I will update in a day or two if any problems arise, but otherwise I am going to consider this a "Problem Solved!" Thank you so very much for your help Maniac, I sincerely appreciate you donating your time to helping me and people like me with these problems. Malware / adware / whatever is a really annoying and tricky problem to tackle, and the world is a better place for having people like you helping out. As I mentioned before, I am currently not working but will be starting two part time jobs in the coming weeks. I promise I will be buying Malwarebytes and sending a small donation your way via paypal in the near future. Until then, I hope that my thanks and praise can be accepted. Thank you again! Patrick

this ran in safemode and found one threat from what I saw while it was about 50% through, then it closed down when it finished I believe. I selected delete the threat when it came up. Now I do not know where to find the report, and I still am having the same issues since the very beginning. As always I really appreciate your help. Thank you, patrick

That link keeps leading to a dead end 404 page. after digging around on that site I found this page - http://www.kaspersky.com/antivirus-removal-tool?form=1 I downloaded - Version 11 (11.0.0.1245) english version, and tried to install it, but it keeps failing the install and says to reboot the computer and try again. I did that numerous times with no luck.

F:\Users\Patrick\My Documents\Vuze Downloads\AUTODESK.MAYA.V2013.WIN32-ISO-on\maya2013_x32.rar a variant of Win32/Keygen.HA application C:\a\uplayermediaplayer-setup.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Documents\Vuze Downloads\AUTODESK.MAYA.V2013.WIN32-ISO-on\maya2013_x32.rar a variant of Win32/Keygen.HA application deleted - quarantined C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe probably a variant of Win32/CNETInstaller.A application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\cbsidlm-tr1_10a-Ghost_Mouse_Auto_Clicker-SEO-75322043.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\flashupdate.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\HDvideo-v4.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\reginout_setup.exe multiple threats cleaned by deleting - quarantined C:\Users\Patrick\Downloads\Setup.exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined F:\Users\Patrick\Documents\Downloads\RingtoneExpressionsSetup.exe a variant of Win32/Induc.A virus cleaned by deleting - quarantined F:\Users\Patrick\Documents\Downloads\SoftonicDownloader30277.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined

ComboFix 13-11-01.03 - Patrick 11/02/2013 11:10:08.1.4 - x86 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.3326.2192 [GMT -7:00] Running from: c:\users\Patrick\Desktop\ComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Patrick\AppData\Local\Temp\1.tmp\F_IN_BOX.dll c:\users\Patrick\AppData\Roaming\vso_ts_preview.xml c:\windows\system32\c.bat c:\windows\system32\drivers\etc\lmhosts c:\windows\system32\v.vbs . . ((((((((((((((((((((((((( Files Created from 2013-10-02 to 2013-11-02 ))))))))))))))))))))))))))))))) . . 2013-11-02 18:23 . 2013-11-02 18:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-11-02 18:23 . 2013-11-02 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-10-30 14:44 . 2013-10-30 14:44 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2013-10-26 00:10 . 2013-10-26 00:14 -------- d-----w- C:\AdwCleaner 2013-10-25 23:57 . 2013-10-25 23:57 -------- d-----w- c:\windows\ERUNT 2013-10-23 16:54 . 2013-10-23 16:54 -------- d-----w- C:\FRST 2013-10-23 07:18 . 2013-10-23 07:21 -------- d-----w- c:\windows\system32\MRT 2013-10-23 06:56 . 2013-08-27 02:47 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-10-23 06:56 . 2013-08-27 02:47 189952 ----a-w- c:\windows\system32\d3d10core.dll 2013-10-23 06:56 . 2013-08-27 02:47 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2013-10-23 06:56 . 2013-08-27 02:47 1029120 ----a-w- c:\windows\system32\d3d10.dll 2013-10-23 06:56 . 2013-08-27 01:52 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2013-10-23 06:56 . 2013-08-27 01:50 486400 ----a-w- c:\windows\system32\d3d10level9.dll 2013-10-23 06:56 . 2013-08-27 01:32 683008 ----a-w- c:\windows\system32\d2d1.dll 2013-10-23 06:56 . 2013-08-27 01:28 1069056 ----a-w- c:\windows\system32\DWrite.dll 2013-10-23 06:56 . 2013-08-27 01:28 798208 ----a-w- c:\windows\system32\FntCache.dll 2013-10-23 06:54 . 2013-06-26 23:01 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2013-10-23 06:54 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2013-10-23 06:51 . 2013-07-04 04:21 532480 ----a-w- c:\windows\system32\comctl32.dll 2013-10-23 06:51 . 2013-07-03 02:10 25472 ----a-w- c:\windows\system32\drivers\hidparse.sys 2013-10-23 06:51 . 2013-06-04 04:16 34304 ----a-w- c:\windows\system32\atmlib.dll 2013-10-23 06:51 . 2013-06-04 01:49 293376 ----a-w- c:\windows\system32\atmfd.dll 2013-10-23 06:50 . 2013-06-01 04:06 505344 ----a-w- c:\windows\system32\qedit.dll 2013-10-23 06:49 . 2013-04-09 03:52 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2013-10-23 06:49 . 2013-04-09 03:51 983552 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2013-10-23 06:49 . 2013-04-09 03:51 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2013-10-23 06:49 . 2013-04-09 03:51 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2013-10-23 06:48 . 2013-07-08 04:16 992768 ----a-w- c:\windows\system32\crypt32.dll 2013-10-23 06:48 . 2013-07-08 04:20 172544 ----a-w- c:\windows\system32\wintrust.dll 2013-10-23 06:48 . 2013-07-08 04:16 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-10-23 06:48 . 2013-07-08 04:16 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-10-22 23:49 . 2013-10-22 23:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-10-22 23:49 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-10-22 22:33 . 2013-10-22 22:33 -------- d-----w- c:\program files\CCleaner 2013-10-22 22:08 . 2013-10-22 22:07 5403344 ----a-w- c:\programdata\pclunst.exe 2013-10-22 22:03 . 2013-10-22 22:03 -------- d-----w- c:\users\Patrick\AppData\Local\Registry_Cleaner_Pro 2013-10-22 22:03 . 2013-10-22 22:03 -------- d-----w- c:\users\Patrick\AppData\Local\Registry Cleaner Pro 2013-10-22 21:56 . 2013-10-22 21:56 -------- d-----w- c:\users\Patrick\AppData\Roaming\LavasoftStatistics 2013-10-22 21:36 . 2013-10-22 21:36 -------- d-----w- c:\users\Patrick\AppData\Roaming\SecureSearch 2013-10-22 21:36 . 2013-10-22 23:00 -------- d-----w- c:\program files\Lavasoft 2013-10-22 21:34 . 2013-10-22 21:34 -------- d-----w- c:\programdata\Lavasoft 2013-10-20 16:40 . 2013-10-23 05:50 -------- d-----w- C:\a 2013-10-09 15:17 . 2013-10-09 15:17 68 ----a-w- c:\windows\system32\ttt.bat 2013-10-06 17:43 . 2013-10-06 17:43 -------- d-----w- c:\users\Patrick\AppData\Roaming\uPlayer 2013-10-06 17:43 . 2013-10-06 17:43 -------- d-----w- c:\program files\uPlayer 2013-10-05 04:18 . 2013-10-05 04:15 447752 ----a-w- c:\windows\system32\vp6vfw.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-16 08:20 . 2013-11-01 09:04 7796464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{96F22B8B-B49C-4F12-965E-F3061E6ABE15}\mpengine.dll 2013-10-09 14:41 . 2013-02-27 01:44 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-10-09 14:41 . 2012-07-25 19:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-09-21 17:23 . 2013-09-21 17:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-09-21 17:23 . 2013-09-21 17:24 868264 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-09-21 17:23 . 2011-06-07 00:13 790440 ----a-w- c:\windows\system32\deployJava1.dll 2013-09-12 08:51 . 2013-09-21 17:34 53024 ----a-w- c:\windows\system32\OpenCL.dll 2013-09-12 08:51 . 2013-09-21 17:31 22102304 ----a-w- c:\windows\system32\nvoglv32.dll 2013-09-12 08:51 . 2013-09-21 17:31 2007328 ----a-w- c:\windows\system32\nvcuvenc.dll 2013-09-12 08:51 . 2013-09-21 17:31 17560352 ----a-w- c:\windows\system32\nvcompiler.dll 2013-09-12 08:51 . 2013-09-21 17:31 9253664 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2013-09-12 08:51 . 2013-09-21 17:31 893728 ----a-w- c:\windows\system32\nvdispgenco3232723.dll 2013-09-12 08:51 . 2013-09-21 17:31 7720576 ----a-w- c:\windows\system32\nvcuda.dll 2013-09-12 08:51 . 2013-09-21 17:31 6329552 ----a-w- c:\windows\system32\nvopencl.dll 2013-09-12 08:51 . 2013-09-21 17:31 2789152 ----a-w- c:\windows\system32\nvcuvid.dll 2013-09-12 08:51 . 2013-09-21 17:31 2630304 ----a-w- c:\windows\system32\nvapi.dll 2013-09-12 08:51 . 2013-09-21 17:31 13628208 ----a-w- c:\windows\system32\nvwgf2um.dll 2013-09-12 08:51 . 2013-09-21 17:31 12947360 ----a-w- c:\windows\system32\nvd3dum.dll 2013-09-12 08:51 . 2013-09-21 17:31 1049376 ----a-w- c:\windows\system32\nvdispco3232723.dll 2013-09-12 06:28 . 2013-09-21 17:34 4265760 ----a-w- c:\windows\system32\nvcpl.dll 2013-09-12 06:28 . 2013-09-21 17:34 3006240 ----a-w- c:\windows\system32\nvsvc.dll 2013-09-12 06:28 . 2013-09-21 17:34 662816 ----a-w- c:\windows\system32\nvvsvc.exe 2013-09-12 06:28 . 2013-09-21 17:34 62752 ----a-w- c:\windows\system32\nvshext.dll 2013-09-12 06:28 . 2013-09-21 17:34 209184 ----a-w- c:\windows\system32\nvmctray.dll 2013-09-03 21:35 . 2011-04-27 23:18 238872 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208] "InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-04-30 1770400] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer9"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-11-10 19:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2013-02-13 02:37 1263952 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2011-04-28 19:07 136176 ----atw- c:\users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch] 2007-10-12 03:01 46368 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] 2007-10-12 03:03 29984 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder] 2007-08-31 17:01 328992 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-10-11 03:04 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-10-25 17:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2013-10-30 19:25 1820584 ----a-w- c:\program files\Steam\Steam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2013-07-02 16:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}] 2008-04-12 00:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}] 2008-08-28 17:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe . Contents of the 'Scheduled Tasks' folder . 2013-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 14:41] . 2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-11 09:21] . 2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-11 09:21] . 2013-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core.job - c:\users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28 19:07] . 2013-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA.job - c:\users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28 19:07] . 2013-11-02 c:\windows\Tasks\Norton Security Scan for Patrick.job - c:\progra~1\NORTON~2\Engine\311~1.6\Nss.exe [2011-06-11 10:30] . . ------- Supplementary Scan ------- . uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.2.1 . - - - - ORPHANS REMOVED - - - - . HKCU-Run-AdobeBridge - (no file) SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-GenieoSystemTray - c:\users\Patrick\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe MSConfigStartUp-GenieoUpdaterService - c:\users\Patrick\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe MSConfigStartUp-TkBellExe - c:\program files\Real\RealPlayer\Update\realsched.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-11-02 11:27 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1523673819-582981192-2884528013-1000\Software\SecuROM\License information*] "datasecu"=hex:d3,3b,38,50,b7,3e,9e,b1,d0,2e,c5,44,d7,6c,dd,ea,d2,60,60,22,0d, 88,4b,3c,34,c9,31,13,c1,fe,d0,30,8c,67,b8,55,52,f5,48,ba,b5,4f,fb,89,d7,e6,\ "rkeysecu"=hex:2a,7b,49,4b,ef,34,45,24,3f,fb,0e,ad,3e,6f,9b,8c . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\NVIDIA Corporation\Display\nvxdsync.exe c:\windows\system32\nvvsvc.exe c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SYSTEM32\astsrv.exe c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Hi-Rez Studios\HiPatchService.exe c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe c:\windows\system32\PnkBstrA.exe c:\program files\Wondershare\Wondershare Application Center\WACService.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\DRIVERS\xaudio.exe c:\windows\servicing\TrustedInstaller.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\RtHDVCpl.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Belkin\Belkin USB Print and Storage Center\connect.exe c:\program files\Belkin\Router Setup and Monitor\BelkinSetup.exe c:\program files\NVIDIA Corporation\Display\nvtray.exe c:\windows\system32\DllHost.exe . ************************************************************************** . Completion time: 2013-11-02 11:30:55 - machine was rebooted ComboFix-quarantined-files.txt 2013-11-02 18:30 . Pre-Run: 15,016,169,472 bytes free Post-Run: 17,776,209,920 bytes free . - - End Of File - - F3763F7836B54E201760580C481E87DC 5C616939100B85E558DA92B899A0FC36

No. Exact same symptoms. A small pop up at the bottom of chrome browser a few seconds after every page view, and also full page pop unders on the first click anywhere on a page. Thank You very much for you help and your patience. Patrick

Ok, Sorry about that. JRT log - ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.7 (10.15.2013:2)OS: Windows Vista Ultimate x86Ran by Patrick on Fri 10/25/2013 at 17:01:52.55~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\fixcleanerSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettingsSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilividSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\imSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstallerSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pc optimizer proSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonicSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\visualbeeSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugoSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossriderSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\fixcleanerSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.comSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\supreme savingsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\visualbeeSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistantSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\domaiq uninstallerSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A86CB93C-AF88-B5FE-F4D9-E79E5C6A4474}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E79867C4-2396-4AF7-8554-7331D9116505} ~~~ Files Successfully deleted: [File] "C:\Windows\Tasks\pc optimizer pro startups.job"Successfully deleted: [File] "C:\end" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\big fish"Successfully deleted: [Folder] "C:\ProgramData\big fish games"Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"Successfully deleted: [Folder] "C:\ProgramData\pc1data"Successfully deleted: [Folder] "C:\ProgramData\trymedia"Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"Successfully deleted: [Folder] "C:\Users\Patrick\AppData\Roaming\fixcleaner"Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\big fish"Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\conduit"Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\coupon companion plugin"Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\cre"Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\supreme savings"Successfully deleted: [Folder] "C:\Users\Patrick\appdata\locallow\conduit"Successfully deleted: [Folder] "C:\Users\Patrick\appdata\locallow\incredibar.com"Successfully deleted: [Folder] "C:\Program Files\conduit"Successfully deleted: [Folder] "C:\Program Files\domaiq uninstaller"Successfully deleted: [Folder] "C:\Program Files\fixcleaner"Successfully deleted: [Folder] "C:\bigfishcache" ~~~ Chrome Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [blacklisted Policy]Successfully deleted: [Folder] C:\Users\Patrick\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmiedaSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Fri 10/25/2013 at 17:06:05.97Computer was rebootedEnd of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I'm not sure which of these is the correct file, there is no "C:\AdwCleaner[s1].txt" there is AdwCleanerSOtxt. and AdwCleanerR0.txt AdwCleanerS0txt. - # AdwCleaner v3.010 - Report created 25/10/2013 at 17:13:52# Updated 20/10/2013 by Xplode# Operating System : Windows Vista Ultimate Service Pack 2 (32 bits)# Username : Patrick - PATRICK-PC# Running from : C:\Users\Patrick\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Uniblue\DriverScannerFile Deleted : C:\Program Files\Mozilla Firefox\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibemKey Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Key Deleted : HKCU\Software\HeadlightKey Deleted : HKLM\Software\InfoAtomsKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar CleanerKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretbKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngineKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16514 -\\ Google Chrome v [ File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2011 octets] - [25/10/2013 17:10:29]AdwCleaner[s0].txt - [1964 octets] - [25/10/2013 17:13:52] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2024 octets] ########## and AdwCleanerr0.txt.- # AdwCleaner v3.010 - Report created 25/10/2013 at 17:10:29# Updated 20/10/2013 by Xplode# Operating System : Windows Vista Ultimate Service Pack 2 (32 bits)# Username : Patrick - PATRICK-PC# Running from : C:\Users\Patrick\Downloads\AdwCleaner.exe# Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Program Files\Mozilla Firefox\user.jsFolder Found C:\ProgramData\Uniblue\DriverScanner ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\HeadlightKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretbKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngineKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtomsKey Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibemKey Found : HKLM\Software\InfoAtomsKey Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar CleanerValue Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}] ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16514 -\\ Google Chrome v [ File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1871 octets] - [25/10/2013 17:10:29] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1931 octets] ########## and finally, FRST is not making a "Fixlog.txt" from what I can tell. It just produces this FRST.text in notepad. this log is here - Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2013 01Ran by Patrick (administrator) on PATRICK-PC on 26-10-2013 09:00:59Running from C:\Users\Patrick\DownloadsMicrosoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: English(US)Internet Explorer Version 9Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(Microsoft Corporation) C:\Windows\system32\SLsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Nalpeiron Ltd.) C:\Windows\SYSTEM32\astsrv.exe() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe(Symantec Corporation) C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe(Symantec Corporation) C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe() C:\Windows\system32\PnkBstrA.exe(Wondershare) C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Microsoft Corporation) C:\Windows\system32\wuauclt.exe(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-10-30] (Realtek Semiconductor)HKLM\...\Run: [instaLAN] - C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-04-29] (Affinegy, Inc.)HKLM\...\Run: [switchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKCU\...\Run: [AdobeBridge] - [x]HKCU\...\Run: [Google Update] - C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-28] (Google Inc.)HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)MountPoints2: {ab67b29b-711e-11e0-9f0e-d69220716e3a} - G:\LaunchU3.exe -aHKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D961AEA4714CD01SearchScopes: HKLM - DefaultScope value is missing.BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabWinsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Chrome: =======CHR RestoreOnStartup: "urls_to_restore_on_startup": nullCHR Plugin: (Remoting Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()CHR Plugin: (Shockwave Flash) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No FileCHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)CHR Plugin: (Java Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No FileCHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No FileCHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No FileCHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No FileCHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No FileCHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll No FileCHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No FileCHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No FileCHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No FileCHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (live player) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnoocjdgpaeliplnkbhbpccighjkeef\3.2_0CHR Extension: (Norton Identity Protection) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0CHR Extension: (Gmail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1CHR HKLM\...\Chrome\Extension: [cpoooaodibfldhiobnmnjliddplmekeb] - C:\Users\Patrick\AppData\Local\CRE\cpoooaodibfldhiobnmnjliddplmekeb.crxCHR HKLM\...\Chrome\Extension: [hcnoocjdgpaeliplnkbhbpccighjkeef] - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lp.crxCHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\20.4.0.40\Exts\Chrome.crxCHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crxCHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crxCHR StartMenuInternet: Google Chrome - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exeCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-04-29] (Affinegy, Inc.)R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] ()R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] ()R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios)R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)R2 N360; C:\Program Files\Norton 360\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation)R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-08-02] ()R2 WACService; C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe [103272 2012-11-09] (Wondershare) ==================== Drivers (Whitelisted) ==================== R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131022.001\BHDrvx86.sys [1096280 2013-10-22] (Symantec Corporation)R1 ccSet_N360; C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-26] (Symantec Corporation)R1 ElRawDisk; C:\Windows\system32\drivers\dddsk.sys [22312 2009-02-12] (EldoS Corporation)R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-26] (Symantec Corporation)S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20131025.001\IDSvix86.sys [393816 2013-10-16] (Symantec Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-17] ()R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131025.009\NAVENG.SYS [93272 2013-08-28] (Symantec Corporation)R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131025.009\NAVEX15.SYS [1612376 2013-08-28] (Symantec Corporation)S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [40560 2010-04-15] (Belcarra Technologies)R3 SRTSP; C:\Windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [603224 2013-05-15] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)R0 SymDS; C:\Windows\System32\drivers\N360\1404000.028\SYMDS.SYS [367704 2013-05-20] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\N360\1404000.028\SYMEFA.SYS [934488 2013-05-22] (Symantec Corporation)R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-17] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\N360\1404000.028\Ironx86.SYS [175264 2013-03-04] (Symantec Corporation)R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1404000.028\SYMTDIV.SYS [352344 2013-04-24] (Symantec Corporation)S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org)S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-20] (Microsoft Corporation)S3 EagleNT; No ImagePathS3 EagleXNt; No ImagePathS3 IpInIp; system32\DRIVERS\ipinip.sys [x]S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]S3 XDva386; No ImagePathS3 XDva389; No ImagePathS3 XDva401; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-26 08:59 - 2013-10-26 08:59 - 00039329 _____ C:\Users\Patrick\Downloads\FRST (1).txt2013-10-26 08:57 - 2013-10-26 08:57 - 01089001 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe2013-10-26 08:49 - 2013-10-26 08:49 - 00002104 _____ C:\Users\Patrick\Downloads\AdwCleanerS0.txt2013-10-26 08:49 - 2013-10-26 08:49 - 00002011 _____ C:\Users\Patrick\Downloads\AdwCleanerR0.txt2013-10-26 08:46 - 2013-10-26 08:46 - 00006342 _____ C:\Users\Patrick\Downloads\JRT.txt2013-10-25 17:21 - 2013-10-26 09:00 - 00000076 _____ C:\Users\Patrick\Downloads\fixlist.txt2013-10-25 17:20 - 2013-10-25 17:20 - 00000136 _____ C:\Users\Patrick\fixlist.txt2013-10-25 17:10 - 2013-10-25 17:14 - 00000000 ____D C:\AdwCleaner2013-10-25 17:09 - 2013-10-25 17:09 - 01060070 _____ C:\Users\Patrick\Downloads\AdwCleaner.exe2013-10-25 17:08 - 2013-10-25 17:08 - 01813288 _____ (Express Install ) C:\Users\Patrick\Downloads\Setup.exe2013-10-25 17:06 - 2013-10-25 17:06 - 00006342 _____ C:\Users\Patrick\Desktop\JRT.txt2013-10-25 16:57 - 2013-10-25 16:57 - 00000000 ____D C:\Windows\ERUNT2013-10-25 16:48 - 2013-10-25 16:48 - 01033335 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe2013-10-23 09:56 - 2013-10-23 09:56 - 00025255 _____ C:\Users\Patrick\Downloads\Addition.txt2013-10-23 09:54 - 2013-10-23 09:54 - 00000000 ____D C:\FRST2013-10-23 09:27 - 2013-10-23 09:27 - 00016338 _____ C:\Users\Patrick\Desktop\dds.txt2013-10-23 09:27 - 2013-10-23 09:27 - 00011035 _____ C:\Users\Patrick\Desktop\attach.txt2013-10-23 09:25 - 2013-10-23 09:25 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.scr2013-10-23 00:18 - 2013-10-23 00:21 - 00000000 ____D C:\Windows\system32\MRT2013-10-23 00:11 - 2013-09-22 03:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-10-23 00:11 - 2013-09-22 03:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-10-23 00:11 - 2013-09-22 03:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-10-23 00:11 - 2013-09-22 03:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-10-23 00:11 - 2013-09-22 03:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-10-23 00:11 - 2013-09-22 03:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-10-23 00:11 - 2013-09-22 03:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-10-23 00:11 - 2013-09-22 03:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-10-23 00:11 - 2013-09-22 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-10-23 00:11 - 2013-09-22 03:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-10-23 00:11 - 2013-09-22 03:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-10-23 00:11 - 2013-09-22 03:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-10-23 00:11 - 2013-09-22 03:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-10-23 00:11 - 2013-09-22 03:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-10-23 00:11 - 2013-09-22 03:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-10-23 00:11 - 2013-09-22 02:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-10-22 23:56 - 2013-08-26 19:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll2013-10-22 23:56 - 2013-08-26 19:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll2013-10-22 23:56 - 2013-08-26 19:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll2013-10-22 23:56 - 2013-08-26 19:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll2013-10-22 23:56 - 2013-08-26 18:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2013-10-22 23:56 - 2013-08-26 18:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll2013-10-22 23:56 - 2013-08-26 18:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll2013-10-22 23:56 - 2013-08-26 18:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll2013-10-22 23:56 - 2013-08-26 18:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll2013-10-22 23:55 - 2013-08-29 00:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-10-22 23:55 - 2013-08-01 21:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL2013-10-22 23:55 - 2013-07-31 20:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2013-10-22 23:55 - 2013-07-31 19:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll2013-10-22 23:55 - 2013-07-20 03:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2013-10-22 23:55 - 2013-07-17 12:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2013-10-22 23:55 - 2013-07-15 21:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll2013-10-22 23:55 - 2013-07-10 02:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2013-10-22 23:55 - 2013-07-09 05:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-10-22 23:55 - 2013-07-07 21:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe2013-10-22 23:55 - 2013-07-07 21:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-10-22 23:55 - 2013-07-04 20:20 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2013-10-22 23:55 - 2013-07-04 18:43 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys2013-10-22 23:55 - 2013-06-28 19:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2013-10-22 23:55 - 2013-06-28 19:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2013-10-22 23:55 - 2013-06-28 19:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2013-10-22 23:55 - 2013-06-28 19:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2013-10-22 23:55 - 2013-06-15 06:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll2013-10-22 23:55 - 2013-06-15 04:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys2013-10-22 23:55 - 2013-05-01 21:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll2013-10-22 23:55 - 2013-05-01 21:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll2013-10-22 23:55 - 2013-04-23 21:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll2013-10-22 23:55 - 2013-04-23 18:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe2013-10-22 23:55 - 2013-03-03 12:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2013-10-22 23:55 - 2011-05-05 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2013-10-22 23:55 - 2011-05-05 06:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys2013-10-22 23:54 - 2013-06-26 16:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2013-10-22 23:54 - 2013-04-17 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll2013-10-22 23:51 - 2013-07-03 21:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2013-10-22 23:51 - 2013-07-02 19:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys2013-10-22 23:51 - 2013-06-03 21:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2013-10-22 23:51 - 2013-06-03 18:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2013-10-22 23:50 - 2013-05-31 21:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll2013-10-22 23:48 - 2013-07-07 21:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2013-10-22 23:48 - 2013-07-07 21:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2013-10-22 23:48 - 2013-07-07 21:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2013-10-22 23:48 - 2013-07-07 21:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2013-10-22 23:06 - 2013-10-25 17:15 - 00020040 _____ C:\Windows\PFRO.log2013-10-22 22:53 - 2013-10-22 22:53 - 00004112 _____ C:\{5BA4C780-048B-48BB-B16B-A4B689A7A42A}2013-10-22 16:49 - 2013-10-22 16:49 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-10-22 16:49 - 2013-10-22 16:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware2013-10-22 16:49 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2013-10-22 16:46 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300 (1).exe2013-10-22 16:45 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe2013-10-22 15:53 - 2013-10-22 15:53 - 00365546 _____ C:\Users\Patrick\Documents\cc_20131022_155305.reg2013-10-22 15:33 - 2013-10-22 15:33 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\CCleaner2013-10-22 15:29 - 2013-10-22 15:29 - 04369632 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup406.exe2013-10-22 15:08 - 2013-10-22 15:07 - 05403344 _____ (PC Cleaners) C:\ProgramData\pclunst.exe2013-10-22 15:03 - 2013-10-22 23:06 - 00000370 _____ C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry_Cleaner_Pro2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry Cleaner Pro2013-10-22 15:00 - 2013-10-22 15:00 - 00894600 _____ (CNET Download.com) C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe2013-10-22 14:56 - 2013-10-22 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LavasoftStatistics2013-10-22 14:36 - 2013-10-22 16:00 - 00000000 ____D C:\Program Files\Lavasoft2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SecureSearch2013-10-22 14:34 - 2013-10-22 14:34 - 00000000 ____D C:\ProgramData\Lavasoft2013-10-22 14:33 - 2013-10-22 14:33 - 01724552 _____ C:\Users\Patrick\Downloads\Adaware_Installer.exe2013-10-22 10:52 - 2013-10-25 10:22 - 00000000 ____D C:\Users\Patrick\Desktop\DriversEd2013-10-20 09:40 - 2013-10-22 22:50 - 00000000 ____D C:\a2013-10-20 09:39 - 2013-10-20 09:39 - 00619911 _____ C:\Users\Patrick\Downloads\HDvideo-v4.exe2013-10-20 09:31 - 2013-10-20 09:32 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe2013-10-17 18:19 - 2013-10-17 18:19 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\05.wmv2013-10-10 18:44 - 2013-10-10 18:44 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe2013-10-09 08:17 - 2013-10-09 08:17 - 00000068 _____ C:\Windows\system32\ttt.bat2013-10-07 18:41 - 2013-10-07 18:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe2013-10-06 14:25 - 2013-10-06 14:25 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe2013-10-06 14:03 - 2013-10-06 14:03 - 00743634 _____ C:\Users\Patrick\Downloads\steak___kidney_pie.bmp2013-10-06 10:53 - 2013-10-06 10:53 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uPlayer2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Program Files\uPlayer2013-10-06 10:42 - 2013-10-20 09:43 - 20914176 _____ C:\Users\Patrick\Downloads\uPlayer.msi2013-10-06 10:41 - 2013-10-06 10:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe2013-10-05 14:34 - 2013-10-05 14:34 - 00002093 _____ C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk2013-10-05 14:15 - 2013-10-05 14:15 - 00002021 _____ C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk2013-10-04 21:22 - 2013-10-04 21:22 - 00000000 ____D C:\Users\Patrick\Documents\Electronic Arts2013-10-04 21:18 - 2013-10-04 21:18 - 00002080 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk2013-10-04 21:18 - 2013-10-04 21:15 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll ==================== One Month Modified Files and Folders ======= 2013-10-26 09:00 - 2013-10-25 17:21 - 00000076 _____ C:\Users\Patrick\Downloads\fixlist.txt2013-10-26 08:59 - 2013-10-26 08:59 - 00039329 _____ C:\Users\Patrick\Downloads\FRST (1).txt2013-10-26 08:57 - 2013-10-26 08:57 - 01089001 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe2013-10-26 08:57 - 2011-04-27 15:28 - 00001356 _____ C:\Users\Patrick\AppData\Local\d3d9caps.dat2013-10-26 08:52 - 2011-05-11 14:23 - 00000000 ____D C:\Program Files\Steam2013-10-26 08:49 - 2013-10-26 08:49 - 00002104 _____ C:\Users\Patrick\Downloads\AdwCleanerS0.txt2013-10-26 08:49 - 2013-10-26 08:49 - 00002011 _____ C:\Users\Patrick\Downloads\AdwCleanerR0.txt2013-10-26 08:46 - 2013-10-26 08:46 - 00006342 _____ C:\Users\Patrick\Downloads\JRT.txt2013-10-26 08:41 - 2013-02-26 18:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-10-26 08:41 - 2011-04-28 12:07 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA.job2013-10-26 08:37 - 2011-06-11 02:22 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-10-26 08:24 - 2009-04-11 05:38 - 01336139 _____ C:\Windows\WindowsUpdate.log2013-10-26 08:21 - 2011-06-11 02:22 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-10-26 08:21 - 2006-11-02 06:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-10-26 08:21 - 2006-11-02 05:46 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A02013-10-26 08:21 - 2006-11-02 05:46 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A02013-10-25 23:30 - 2006-11-02 06:00 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT2013-10-25 17:20 - 2013-10-25 17:20 - 00000136 _____ C:\Users\Patrick\fixlist.txt2013-10-25 17:20 - 2011-04-27 15:28 - 00000000 ____D C:\Users\Patrick2013-10-25 17:15 - 2013-10-22 23:06 - 00020040 _____ C:\Windows\PFRO.log2013-10-25 17:14 - 2013-10-25 17:10 - 00000000 ____D C:\AdwCleaner2013-10-25 17:13 - 2013-03-22 07:35 - 00000000 ____D C:\ProgramData\Uniblue2013-10-25 17:13 - 2012-06-05 15:40 - 00000000 ____D C:\Program Files\Mozilla Firefox2013-10-25 17:09 - 2013-10-25 17:09 - 01060070 _____ C:\Users\Patrick\Downloads\AdwCleaner.exe2013-10-25 17:08 - 2013-10-25 17:08 - 01813288 _____ (Express Install ) C:\Users\Patrick\Downloads\Setup.exe2013-10-25 17:06 - 2013-10-25 17:06 - 00006342 _____ C:\Users\Patrick\Desktop\JRT.txt2013-10-25 16:57 - 2013-10-25 16:57 - 00000000 ____D C:\Windows\ERUNT2013-10-25 16:48 - 2013-10-25 16:48 - 01033335 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe2013-10-25 10:22 - 2013-10-22 10:52 - 00000000 ____D C:\Users\Patrick\Desktop\DriversEd2013-10-25 09:42 - 2011-04-28 12:07 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core.job2013-10-25 08:50 - 2006-11-02 03:33 - 01614504 _____ C:\Windows\system32\PerfStringBackup.INI2013-10-24 17:05 - 2011-06-11 05:48 - 00000406 ____H C:\Windows\Tasks\Norton Security Scan for Patrick.job2013-10-24 09:52 - 2013-03-22 07:40 - 00000000 ____D C:\Users\Patrick\AppData\Local\CrashDumps2013-10-23 15:10 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET2013-10-23 09:56 - 2013-10-23 09:56 - 00025255 _____ C:\Users\Patrick\Downloads\Addition.txt2013-10-23 09:54 - 2013-10-23 09:54 - 00000000 ____D C:\FRST2013-10-23 09:27 - 2013-10-23 09:27 - 00016338 _____ C:\Users\Patrick\Desktop\dds.txt2013-10-23 09:27 - 2013-10-23 09:27 - 00011035 _____ C:\Users\Patrick\Desktop\attach.txt2013-10-23 09:25 - 2013-10-23 09:25 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.scr2013-10-23 09:12 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache2013-10-23 08:50 - 2006-11-02 05:46 - 03714840 _____ C:\Windows\system32\FNTCACHE.DAT2013-10-23 08:49 - 2012-11-06 13:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight2013-10-23 08:47 - 2006-11-02 05:35 - 00000000 ____D C:\Windows\system32\XPSViewer2013-10-23 08:47 - 2006-11-02 05:35 - 00000000 ____D C:\Program Files\Windows Journal2013-10-23 00:34 - 2006-11-02 03:23 - 00000240 _____ C:\Windows\win.ini2013-10-23 00:21 - 2013-10-23 00:18 - 00000000 ____D C:\Windows\system32\MRT2013-10-22 23:49 - 2011-04-27 15:28 - 00079008 _____ C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT2013-10-22 23:09 - 2012-03-12 12:18 - 00000000 ____D C:\Users\Patrick\Desktop\MoreGames2013-10-22 23:06 - 2013-10-22 15:03 - 00000370 _____ C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job2013-10-22 23:06 - 2011-05-03 08:22 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment2013-10-22 22:53 - 2013-10-22 22:53 - 00004112 _____ C:\{5BA4C780-048B-48BB-B16B-A4B689A7A42A}2013-10-22 22:50 - 2013-10-20 09:40 - 00000000 ____D C:\a2013-10-22 16:49 - 2013-10-22 16:49 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-10-22 16:49 - 2013-10-22 16:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware2013-10-22 16:46 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300 (1).exe2013-10-22 16:46 - 2013-10-22 16:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe2013-10-22 16:10 - 2012-07-19 09:06 - 00000002 _____ C:\Windows\system32\HRUPPROG.TXT2013-10-22 16:07 - 2013-01-13 10:34 - 00000000 ____D C:\Users\Patrick\Documents\Silo Data2013-10-22 16:00 - 2013-10-22 14:36 - 00000000 ____D C:\Program Files\Lavasoft2013-10-22 15:53 - 2013-10-22 15:53 - 00365546 _____ C:\Users\Patrick\Documents\cc_20131022_155305.reg2013-10-22 15:48 - 2011-05-09 16:07 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Vso2013-10-22 15:47 - 2013-05-08 09:18 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client2013-10-22 15:47 - 2012-12-23 12:26 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Ventrilo2013-10-22 15:47 - 2011-05-09 08:04 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Azureus2013-10-22 15:37 - 2013-05-05 07:31 - 00000000 ____D C:\Windows\Minidump2013-10-22 15:37 - 2011-04-27 16:15 - 00000000 ____D C:\Windows\Panther2013-10-22 15:33 - 2013-10-22 15:33 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\CCleaner2013-10-22 15:29 - 2013-10-22 15:29 - 04369632 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup406.exe2013-10-22 15:07 - 2013-10-22 15:08 - 05403344 _____ (PC Cleaners) C:\ProgramData\pclunst.exe2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry_Cleaner_Pro2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry Cleaner Pro2013-10-22 15:00 - 2013-10-22 15:00 - 00894600 _____ (CNET Download.com) C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe2013-10-22 14:56 - 2013-10-22 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LavasoftStatistics2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SecureSearch2013-10-22 14:34 - 2013-10-22 14:34 - 00000000 ____D C:\ProgramData\Lavasoft2013-10-22 14:33 - 2013-10-22 14:33 - 01724552 _____ C:\Users\Patrick\Downloads\Adaware_Installer.exe2013-10-20 09:43 - 2013-10-06 10:42 - 20914176 _____ C:\Users\Patrick\Downloads\uPlayer.msi2013-10-20 09:39 - 2013-10-20 09:39 - 00619911 _____ C:\Users\Patrick\Downloads\HDvideo-v4.exe2013-10-20 09:32 - 2013-10-20 09:31 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe2013-10-17 22:25 - 2012-07-13 09:02 - 00002063 _____ C:\Users\Patrick\Desktop\Google Chrome.lnk2013-10-17 18:19 - 2013-10-17 18:19 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe2013-10-12 19:08 - 2011-05-08 12:17 - 00000000 ____D C:\Users\Patrick\Desktop\New Folder2013-10-12 17:23 - 2011-05-03 08:31 - 00000000 ____D C:\Users\Patrick\Documents\StarCraft II2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\05.wmv2013-10-10 18:44 - 2013-10-10 18:44 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe2013-10-09 08:17 - 2013-10-09 08:17 - 00000068 _____ C:\Windows\system32\ttt.bat2013-10-09 07:41 - 2013-02-26 18:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe2013-10-09 07:41 - 2012-07-25 12:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl2013-10-07 18:41 - 2013-10-07 18:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe2013-10-06 14:26 - 2010-07-27 08:02 - 00000000 ____D C:\StarCraft II2013-10-06 14:25 - 2013-10-06 14:25 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe2013-10-06 14:03 - 2013-10-06 14:03 - 00743634 _____ C:\Users\Patrick\Downloads\steak___kidney_pie.bmp2013-10-06 10:53 - 2013-10-06 10:53 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uPlayer2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Program Files\uPlayer2013-10-06 10:41 - 2013-10-06 10:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe2013-10-05 14:34 - 2013-10-05 14:34 - 00002093 _____ C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk2013-10-05 14:34 - 2011-04-27 15:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information2013-10-05 14:26 - 2011-09-17 19:11 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2013-10-05 14:15 - 2013-10-05 14:15 - 00002021 _____ C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk2013-10-05 14:11 - 2013-08-14 14:54 - 00000000 ____D C:\Program Files\Origin Games2013-10-05 14:04 - 2011-07-28 22:39 - 00000000 ____D C:\Program Files\Origin2013-10-04 21:22 - 2013-10-04 21:22 - 00000000 ____D C:\Users\Patrick\Documents\Electronic Arts2013-10-04 21:18 - 2013-10-04 21:18 - 00002080 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk2013-10-04 21:15 - 2013-10-04 21:18 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll2013-09-26 02:19 - 2006-11-02 03:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe Files to move or delete:====================C:\ProgramData\.glInit02.datC:\ProgramData\pclunst.exeC:\Users\Patrick\APB_Reloaded_Installer.exeC:\Users\Patrick\Fallen_Earth_20110728.exe Some content of TEMP:====================C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legitC:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-26 08:27 ==================== End Of Log ============================ as always, Thank you very much for your time, help, and patience. Patrick

Thank you again for your time Borislav. I hope these are the correct files and that I'm doing everything correctly. JRT.txt AdwCleanerR0.txt AdwCleanerS0.txt FRST.txt

hmmm... couldn't find attach for the next file soo... hope this is ok - addition text - Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-10-2013 01Ran by Patrick at 2013-10-23 09:56:12Running from C:\Users\Patrick\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== 1912: Titanic MysteryAd-Aware Browsing Protection (Version: 1.0.1.124)Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)Adobe Flash Player 11 Plugin (Version: 11.9.900.117)Adobe Photoshop CS6 (Version: 13.0)Adobe Reader X (10.0.1) (Version: 10.0.1)APB Reloaded (Version: 1.3.3.560517)Apple Application Support (Version: 2.3.2)Apple Mobile Device Support (Version: 6.0.1.3)Apple Software Update (Version: 2.1.3.127)Atheros Communications Inc.® L1 Gigabit Ethernet Driver (Version: 2.4.7.10)AutoHotkey 1.1.09.02 (Version: 1.1.09.02)AVCWare Ringtone Maker (Version: 2.0.5.20120712)Belkin Setup and Router MonitorBelkin USB Print and Storage Center (Version: 1.1.3)Big Fish: Game Manager (Version: 3.2.0.4)Bonjour (Version: 3.0.0.10)CaddieSync Express 1.4.3 (Version: 1.4.3)CCleaner (Version: 4.06)Chivalry: Medieval WarfareConvertXtoDVD 4.1.19.364 (Version: 4.1.19.364)Counter-Strike: Global OffensiveDarkfall Unholy Wars 2.1.0.8 (Version: 2.1.0.8)Dead Space™ 3 (Version: 1.0.0.0)DivxToDVD 0.5.2b (Version: 0.5.2b)Fishdom H2O: Hidden Odyssey ™GamersFirst LIVE!Ghost Mouse Auto Clicker 3.7G-Hotkey version 3.62GIMP 2.8.2 (Version: 2.8.2)Global Agenda Live (Version: 1.5.1.5)Google Chrome (HKCU Version: 30.0.1599.101)Google Update Helper (Version: 1.3.21.165)Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)Java 7 Update 40 (Version: 7.0.400)Java Auto Updater (Version: 2.1.9.8)Java 6 Update 30 (Version: 6.0.300)Loop Recorder (Version: 2.08)Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)Microsoft .NET Framework 3.5 Language Pack - esn (Version: 3.5.21022)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft .NET Framework 4 Extended (Version: 4.0.30319)Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)Microsoft Games for Windows Marketplace (Version: 3.5.50.0)Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)Microsoft Silverlight (Version: 5.1.20913.0)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)Microsoft_VC90_CRT_x86 (Version: 1.00.0000)MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)Murder, She WroteNatural Selection 2Norton 360 (Version: 20.4.0.40)Norton Security Scan (Version: 3.1.1.6)NVIDIA 3D Vision Controller Driver (Version: 275.33)NVIDIA 3D Vision Controller Driver 326.01 (Version: 326.01)NVIDIA Control Panel 327.23 (Version: 327.23)NVIDIA Graphics Driver 327.23 (Version: 327.23)NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)NVIDIA Install Application (Version: 2.1002.133.889)NVIDIA PhysX (Version: 9.13.0725)NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)Orcs Must Die! 2Origin (Version: 9.3.1.4482)PaperPort Image Printer (Version: 1.00.0000)Paquete de idioma de Microsoft .NET Framework 3.5 - esnPath of Exile (Version: 0.10.1.22906)PDF Settings CS6 (Version: 11.0)PL-2303 Vista Driver Installer (Version: 3.2.0.0)Portal 2 Publishing ToolPunkBuster Services (Version: 0.993)RavagedRazer Game Booster (Version: 3.5.6.0)Realtek High Definition Audio Driver (Version: 6.0.1.5506)ScanSoft PaperPort 11 (Version: 11.1.0000)Serious Sam 3: BFESimCity 4 DeluxeSix Updater (Version: 2.09.7016)SkyCaddie DesktopSmite (Version: 0.1.1433.0)Soft Data Fax Modem with SmartCP (Version: 7.74.00)Star Wars: The Old Republic (Version: 1.00)StarCraft II (Version: 2.0.11.26825)Steam (Version: 1.0.0.0)Team Fortress 2TeamSpeak 3 Client (Version: 3.0.11.1)The Sims™ 3 (Version: 1.57.62)The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)The Sims™ 3 Late Night (Version: 6.5.1)The War Z version alpha (Version: alpha)TrackMania Nations ForeverUltimate Extras sounds from Microsoft® Tinker™Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)uPlayer (Version: 1.0.0)VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)Ventrilo Client (Version: 3.0.8)Visual Link Spanish Level I v. 4 (Version: 4.6.0000)VTFEdit 1.3.2Vuze (Version: 4.6)WavePad Sound EditorWindows Live ID Sign-in Assistant (Version: 6.500.3165.0)Windows Sound SchemesWinRAR 4.20 (32-bit) (Version: 4.20.0)WinZip 16.5 (Version: 16.5.10095)Wondershare Application Center 1.0.0.58 (Version: 1.0.0.58)XCOM: Enemy UnknownXfire (remove only) ==================== Restore Points ========================= 23-10-2013 06:37:51 Norton 360 Registry Clean23-10-2013 06:56:47 Windows Update23-10-2013 16:01:26 Windows Update23-10-2013 16:04:04 Windows Update ==================== Hosts content: ========================== 2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {075F7B0C-8858-426A-81EA-5161F4D13E82} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPagesTask: {278C27EB-A44C-4ACA-9D62-D70A5EC66CD4} - System32\Tasks\Norton Security Scan for Patrick => C:\PROGRA~1\NORTON~2\Engine\311~1.6\Nss.exe [2012-10-03] (Symantec Corporation)Task: {2EF1A2C3-210D-4AFD-BEB7-E51E7FD69C0C} - System32\Tasks\Microsoft\Windows\MobilePC\TMMTask: {2FD42AB2-3FC9-4456-A517-52B72526495C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-11] (Google Inc.)Task: {31E6B20C-E46F-4E0E-BA3E-F99F6DEC16A2} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exeTask: {3A950610-5351-4CF3-89BD-526A7E64AA8B} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()Task: {5A6D9831-D95C-4713-B4E9-F03D1644498F} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)Task: {95EB7A4D-0DAD-4170-AEDC-C0B9D8AE3D30} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1523673819-582981192-2884528013-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exeTask: {9B7DB194-ACBB-488D-9286-032028E57122} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)Task: {A8B47EED-1D17-4BC4-8051-7B8FEBEF0656} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)Task: {B25D4244-6254-4542-9A54-D5A933EC915A} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UITask: {B945FE20-0E76-4826-B335-74C05CC0F122} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28] (Google Inc.)Task: {C00B680C-377C-4CE2-AC1F-02A52147C9AB} - System32\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba => C:\Program Files\Registry Cleaner Pro\Registry Cleaner Pro.exeTask: {C313C996-C66F-43B2-BA0D-8C2C69A1C1EB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28] (Google Inc.)Task: {CE964F7F-0644-449F-B60F-C5B4535F4CFD} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)Task: {CF9947D0-68C2-48BC-9087-9287B6B098C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-11] (Google Inc.)Task: {E70D82C4-4A46-4281-B61F-22CC12E6DE76} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)Task: {E7561C5D-1116-4607-829F-2DC5417784A4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1523673819-582981192-2884528013-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exeTask: {EE4FA612-789C-43D8-AC0D-B3EE8E92ACA6} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)Task: {F33C6EA3-5F3A-45DC-8F25-F4D82D166066} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] ()Task: {FBD53B80-F285-476D-9A3F-91DFC9875CF2} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2008-01-20] (Microsoft Corporation)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core.job => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA.job => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\Norton Security Scan for Patrick.job => C:\PROGRA~1\NORTON~2\Engine\311~1.6\Nss.exeTask: C:\Windows\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exeTask: C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job => C:\Program Files\Registry Cleaner Pro\Registry Cleaner Pro.exe ==================== Loaded Modules (whitelisted) ============= 2011-10-18 19:37 - 2010-02-17 18:25 - 00132096 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll2011-10-18 19:36 - 2011-02-15 14:15 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll2011-10-18 19:36 - 2011-02-15 14:15 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll2011-10-18 19:36 - 2011-02-15 14:16 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll2011-10-18 19:36 - 2011-02-15 14:15 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll2011-10-18 19:36 - 2011-02-15 13:25 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll2013-06-09 00:32 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll2011-10-18 19:36 - 2011-04-29 17:55 - 00658432 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll2011-10-18 19:36 - 2011-04-29 18:30 - 00022944 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll2013-10-17 22:22 - 2013-10-08 17:02 - 04055504 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll2013-10-17 22:23 - 2013-10-08 17:02 - 00415184 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll2013-10-17 22:22 - 2013-10-08 17:01 - 01604560 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll2013-10-17 22:22 - 2013-10-08 17:01 - 00698832 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll2013-10-17 22:22 - 2013-10-08 17:01 - 00099792 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:AstInfoAlternateDataStreams: C:\ProgramData\TEMP:2CB9631FAlternateDataStreams: C:\ProgramData\TEMP:2F141B68AlternateDataStreams: C:\ProgramData\TEMP:32A82570AlternateDataStreams: C:\ProgramData\TEMP:C72A744C ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Standard PS/2 KeyboardDescription: Standard PS/2 KeyboardClass Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard keyboards)Service: i8042prtProblem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft PS/2 MouseDescription: Microsoft PS/2 MouseClass Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: i8042prtProblem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors:==================Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 15584 Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 15584 Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/22/2013 02:10:40 PM) (Source: Microsoft-Windows-RestartManager) (User: Patrick-PC)Description: 0C:\StarCraft II\Versions\Base26490\SC2.exeStarCraft II0111772960 Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 12261 Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 12261 Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 11247 Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 11247 Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second System errors:=============Error: (10/23/2013 09:06:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)Description: 0x80070490Security Update for Windows Vista (KB2378111){B321FBFF-272A-4FAB-AE38-8D88C2FA7C7B}104 Error: (10/23/2013 09:06:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)Description: 0x80070490Update for Windows Vista (KB2345886){BEC4CDFE-9F15-4EF2-8317-95C6DE018424}101 Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state Microsoft Office Sessions:=========================Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 15584 Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 15584 Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/22/2013 02:10:40 PM) (Source: Microsoft-Windows-RestartManager)(User: Patrick-PC)Description: 0C:\StarCraft II\Versions\Base26490\SC2.exeStarCraft II0111772960 Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 12261 Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 12261 Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 11247 Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 11247 Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors:=================================== Date: 2013-10-23 09:55:48.405 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:55:48.283 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:55:48.160 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:55:48.046 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:55:44.249 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:55:44.131 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:55:43.984 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:55:43.848 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:20:38.124 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. Date: 2013-10-23 09:20:38.013 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 53%Total physical RAM: 3326.19 MBAvailable physical RAM: 1539.36 MBTotal Pagefile: 6869.29 MBAvailable Pagefile: 4561.81 MBTotal Virtual: 3071.88 MBAvailable Virtual: 2930.36 MB ==================== Drives ================================ Drive c: (HP_PAVILION) (Fixed) (Total:298.09 GB) (Free:15.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive d: (OFFICE11) (CDROM) (Total:0.39 GB) (Free:0 GB) CDFSDrive f: (HP) (Fixed) (Total:288.85 GB) (Free:181.56 GB) NTFSDrive g: (Recovery) (Fixed) (Total:9.24 GB) (Free:0.98 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 788A3B05)Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS) ========================================================Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 1549F232)Partition 1: (Active) - (Size=289 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=9 GB) - (Type=07 NTFS) ==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-10-2013 01 Ran by Patrick (administrator) on PATRICK-PC on 23-10-2013 09:54:31 Running from C:\Users\Patrick\Downloads Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Nalpeiron Ltd.) C:\Windows\SYSTEM32\astsrv.exe () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Windows\system32\PnkBstrA.exe (Wondershare) C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Symantec Corporation) C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe (Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe (Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-10-30] (Realtek Semiconductor) HKLM\...\Run: [instaLAN] - C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-04-29] (Affinegy, Inc.) HKLM\...\Run: [switchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKCU\...\Run: [AdobeBridge] - [x] HKCU\...\Run: [Google Update] - C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-28] (Google Inc.) HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation) MountPoints2: {ab67b29b-711e-11e0-9f0e-d69220716e3a} - G:\LaunchU3.exe -a HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_5&idate=2013-10-22&ent=hp&u=E03256196CD405D82632F35266EFC734 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D961AEA4714CD01 SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_5&idate=2013-10-22&hsimp=yhs-lavasoft&ent=ch&q={searchTerms} SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_5&idate=2013-10-22&hsimp=yhs-lavasoft&ent=ch&q={searchTerms} SearchScopes: HKCU - {A86CB93C-AF88-B5FE-F4D9-E79E5C6A4474} URL = http://www.startnow.com/s/?q={searchTerms}&src=defsearch&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE04_NCEX_PLUSY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110613&user_guid=FAEB450CDED04D2BBDF422553F016505&machine_id=163cc914bf5ad408a5666860060cc495&browser=IE&os=win&os_version=6.0-x86-SP2 SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=US&ver=6&gct=kwd&qsrc=2869 SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyE4iuSoP&i=26 SearchScopes: HKCU - {E79867C4-2396-4AF7-8554-7331D9116505} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=w3i&hsimp=yhs-geneiotransfer&type=W3i_IA,206,0_0,StartPage,20120102,18482,0,0,6434&p={searchTerms} BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Chrome: ======= CHR RestoreOnStartup: "urls_to_restore_on_startup": null CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Java Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll No File CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (live player) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnoocjdgpaeliplnkbhbpccighjkeef\3.2_0 CHR Extension: (Norton Identity Protection) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0 CHR Extension: (Gmail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM\...\Chrome\Extension: [bcjagnifjocnddgeknajocbkkhlgibem] - C:\Program Files\Chrome\surfcanyon.crx CHR HKLM\...\Chrome\Extension: [cpoooaodibfldhiobnmnjliddplmekeb] - C:\Users\Patrick\AppData\Local\CRE\cpoooaodibfldhiobnmnjliddplmekeb.crx CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx CHR HKLM\...\Chrome\Extension: [hcnoocjdgpaeliplnkbhbpccighjkeef] - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lp.crx CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\Patrick\AppData\Local\Temp\Vuze_Toolbar.crx CHR StartMenuInternet: Google Chrome - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-04-29] (Affinegy, Inc.) R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] () R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] () R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 N360; C:\Program Files\Norton 360\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-08-02] () R2 WACService; C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe [103272 2012-11-09] (Wondershare) ==================== Drivers (Whitelisted) ==================== R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys [1097304 2013-10-01] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation) R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-26] (Symantec Corporation) R1 ElRawDisk; C:\Windows\system32\drivers\dddsk.sys [22312 2009-02-12] (EldoS Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-26] (Symantec Corporation) S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20131022.001\IDSvix86.sys [393816 2013-10-16] (Symantec Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-10-23] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-17] () R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131023.002\NAVENG.SYS [93272 2013-08-28] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131023.002\NAVEX15.SYS [1612376 2013-08-28] (Symantec Corporation) S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [40560 2010-04-15] (Belcarra Technologies) R3 SRTSP; C:\Windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [603224 2013-05-15] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation) R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.) R0 SymDS; C:\Windows\System32\drivers\N360\1404000.028\SYMDS.SYS [367704 2013-05-20] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360\1404000.028\SYMEFA.SYS [934488 2013-05-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-17] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360\1404000.028\Ironx86.SYS [175264 2013-03-04] (Symantec Corporation) R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1404000.028\SYMTDIV.SYS [352344 2013-04-24] (Symantec Corporation) S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org) S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-20] (Microsoft Corporation) S3 EagleNT; No ImagePath S3 EagleXNt; No ImagePath S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 XDva386; No ImagePath S3 XDva389; No ImagePath S3 XDva401; No ImagePath U3 mbr; \??\C:\Users\Patrick\AppData\Local\Temp\mbr.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-23 09:54 - 2013-10-23 09:54 - 00000000 ____D C:\FRST 2013-10-23 09:53 - 2013-10-23 09:53 - 01088113 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe 2013-10-23 09:27 - 2013-10-23 09:27 - 00016338 _____ C:\Users\Patrick\Desktop\dds.txt 2013-10-23 09:27 - 2013-10-23 09:27 - 00011035 _____ C:\Users\Patrick\Desktop\attach.txt 2013-10-23 09:25 - 2013-10-23 09:25 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.scr 2013-10-23 09:16 - 2013-10-23 09:16 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2013-10-23 00:18 - 2013-10-23 00:21 - 00000000 ____D C:\Windows\system32\MRT 2013-10-23 00:11 - 2013-09-22 03:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-23 00:11 - 2013-09-22 03:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-23 00:11 - 2013-09-22 03:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-23 00:11 - 2013-09-22 03:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-10-23 00:11 - 2013-09-22 03:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-23 00:11 - 2013-09-22 03:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-23 00:11 - 2013-09-22 03:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-10-23 00:11 - 2013-09-22 03:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-10-23 00:11 - 2013-09-22 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-10-23 00:11 - 2013-09-22 03:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-10-23 00:11 - 2013-09-22 03:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-10-23 00:11 - 2013-09-22 03:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-23 00:11 - 2013-09-22 03:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-23 00:11 - 2013-09-22 03:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-23 00:11 - 2013-09-22 03:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-10-23 00:11 - 2013-09-22 02:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-22 23:56 - 2013-08-26 19:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-10-22 23:56 - 2013-08-26 19:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-10-22 23:56 - 2013-08-26 19:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-10-22 23:56 - 2013-08-26 19:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-10-22 23:56 - 2013-08-26 18:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-10-22 23:56 - 2013-08-26 18:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-10-22 23:56 - 2013-08-26 18:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-10-22 23:56 - 2013-08-26 18:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-10-22 23:56 - 2013-08-26 18:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-10-22 23:55 - 2013-08-29 00:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-22 23:55 - 2013-08-01 21:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-10-22 23:55 - 2013-07-31 20:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-22 23:55 - 2013-07-31 19:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2013-10-22 23:55 - 2013-07-20 03:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-22 23:55 - 2013-07-17 12:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-10-22 23:55 - 2013-07-15 21:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2013-10-22 23:55 - 2013-07-10 02:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-10-22 23:55 - 2013-07-09 05:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-10-22 23:55 - 2013-07-07 21:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-10-22 23:55 - 2013-07-07 21:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-10-22 23:55 - 2013-07-04 20:20 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-10-22 23:55 - 2013-07-04 18:43 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2013-10-22 23:55 - 2013-06-28 19:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-22 23:55 - 2013-06-28 19:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-22 23:55 - 2013-06-28 19:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-22 23:55 - 2013-06-28 19:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-10-22 23:55 - 2013-06-15 06:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2013-10-22 23:55 - 2013-06-15 04:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-10-22 23:55 - 2013-05-01 21:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-10-22 23:55 - 2013-05-01 21:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-10-22 23:55 - 2013-04-23 21:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-10-22 23:55 - 2013-04-23 18:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-10-22 23:55 - 2013-03-03 12:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2013-10-22 23:55 - 2011-05-05 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-22 23:55 - 2011-05-05 06:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-10-22 23:54 - 2013-06-26 16:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-10-22 23:54 - 2013-04-17 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-10-22 23:51 - 2013-07-03 21:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-22 23:51 - 2013-07-02 19:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-22 23:51 - 2013-06-03 21:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-10-22 23:51 - 2013-06-03 18:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-10-22 23:50 - 2013-05-31 21:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-10-22 23:48 - 2013-07-07 21:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-10-22 23:48 - 2013-07-07 21:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-10-22 23:48 - 2013-07-07 21:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-10-22 23:48 - 2013-07-07 21:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-10-22 23:06 - 2013-10-23 08:49 - 00018556 _____ C:\Windows\PFRO.log 2013-10-22 22:53 - 2013-10-22 22:53 - 00004112 _____ C:\{5BA4C780-048B-48BB-B16B-A4B689A7A42A} 2013-10-22 16:49 - 2013-10-22 16:49 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-22 16:49 - 2013-10-22 16:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-22 16:49 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-22 16:46 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-10-22 16:45 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-22 15:53 - 2013-10-22 15:53 - 00365546 _____ C:\Users\Patrick\Documents\cc_20131022_155305.reg 2013-10-22 15:33 - 2013-10-22 15:33 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\CCleaner 2013-10-22 15:29 - 2013-10-22 15:29 - 04369632 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup406.exe 2013-10-22 15:08 - 2013-10-22 15:08 - 00000000 ____D C:\ProgramData\PC1Data 2013-10-22 15:08 - 2013-10-22 15:07 - 05403344 _____ (PC Cleaners) C:\ProgramData\pclunst.exe 2013-10-22 15:07 - 2013-10-22 15:07 - 05403344 _____ (PC Cleaners) C:\Users\Patrick\Downloads\PC_Pro_Installer2.exe 2013-10-22 15:03 - 2013-10-22 23:06 - 00000370 _____ C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job 2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry_Cleaner_Pro 2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry Cleaner Pro 2013-10-22 15:00 - 2013-10-22 15:00 - 00894600 _____ (CNET Download.com) C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe 2013-10-22 14:56 - 2013-10-22 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LavasoftStatistics 2013-10-22 14:36 - 2013-10-22 16:00 - 00000000 ____D C:\Program Files\Lavasoft 2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SecureSearch 2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Local\adawarebp 2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection 2013-10-22 14:34 - 2013-10-22 14:34 - 00000000 ____D C:\ProgramData\Lavasoft 2013-10-22 14:33 - 2013-10-22 14:33 - 01724552 _____ C:\Users\Patrick\Downloads\Adaware_Installer.exe 2013-10-22 10:52 - 2013-10-22 10:52 - 00000000 ____D C:\Users\Patrick\Desktop\DriversEd 2013-10-20 09:40 - 2013-10-22 22:50 - 00000000 ____D C:\a 2013-10-20 09:40 - 2013-10-20 09:40 - 00589624 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (7).exe 2013-10-20 09:39 - 2013-10-20 09:39 - 00619911 _____ C:\Users\Patrick\Downloads\HDvideo-v4.exe 2013-10-20 09:31 - 2013-10-20 09:32 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe 2013-10-17 18:19 - 2013-10-17 18:19 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe 2013-10-11 11:28 - 2013-10-11 11:28 - 01676815 _____ C:\Users\Patrick\Downloads\03 (3).wmv 2013-10-11 11:27 - 2013-10-11 11:27 - 01684824 _____ C:\Users\Patrick\Downloads\01 (3).wmv 2013-10-11 11:27 - 2013-10-11 11:27 - 01652744 _____ C:\Users\Patrick\Downloads\02 (1).wmv 2013-10-11 11:24 - 2013-10-11 11:25 - 01637763 _____ C:\Users\Patrick\Downloads\mrs_johnson_mrs_rae_2.wmv 2013-10-11 11:23 - 2013-10-11 11:23 - 02837763 _____ C:\Users\Patrick\Downloads\mrs_hills_1.wmv 2013-10-11 11:23 - 2013-10-11 11:23 - 01661763 _____ C:\Users\Patrick\Downloads\mrs_hills_2.wmv 2013-10-11 11:23 - 2013-10-11 11:23 - 01117763 _____ C:\Users\Patrick\Downloads\mrs_hills_3.wmv 2013-10-11 11:22 - 2013-10-11 11:22 - 01791510 _____ C:\Users\Patrick\Downloads\3 (7).wmv 2013-10-11 11:22 - 2013-10-11 11:22 - 01751259 _____ C:\Users\Patrick\Downloads\2 (2).wmv 2013-10-11 11:22 - 2013-10-11 11:22 - 00005523 _____ C:\Users\Patrick\Downloads\1 (1).wmv 2013-10-11 11:19 - 2013-10-11 11:19 - 01714670 _____ C:\Users\Patrick\Downloads\3 (6).wmv 2013-10-11 11:16 - 2013-10-11 11:16 - 01644195 _____ C:\Users\Patrick\Downloads\juliet_echo_06.mpg 2013-10-11 11:16 - 2013-10-11 11:16 - 01597289 _____ C:\Users\Patrick\Downloads\juliet_echo_04.mpg 2013-10-11 11:16 - 2013-10-11 11:16 - 01597263 _____ C:\Users\Patrick\Downloads\juliet_echo_03.mpg 2013-10-11 11:16 - 2013-10-11 11:16 - 01596302 _____ C:\Users\Patrick\Downloads\juliet_echo_05.mpg 2013-10-11 10:27 - 2013-10-11 10:27 - 01173497 _____ C:\Users\Patrick\Downloads\05 (1).wmv 2013-10-11 10:25 - 2013-10-11 10:25 - 01141497 _____ C:\Users\Patrick\Downloads\03 (2).wmv 2013-10-11 10:25 - 2013-10-11 10:25 - 01093497 _____ C:\Users\Patrick\Downloads\04 (2).wmv 2013-10-11 10:23 - 2013-10-11 10:23 - 01141497 _____ C:\Users\Patrick\Downloads\03 (1).wmv 2013-10-11 10:22 - 2013-10-11 10:22 - 01173497 _____ C:\Users\Patrick\Downloads\01 (2).wmv 2013-10-11 10:22 - 2013-10-11 10:22 - 01173497 _____ C:\Users\Patrick\Downloads\01 (1).wmv 2013-10-11 10:22 - 2013-10-11 10:22 - 01093497 _____ C:\Users\Patrick\Downloads\04 (1).wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\05.wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\01.wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01165497 _____ C:\Users\Patrick\Downloads\02.wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01141497 _____ C:\Users\Patrick\Downloads\03.wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01093497 _____ C:\Users\Patrick\Downloads\04.wmv 2013-10-10 18:44 - 2013-10-10 18:44 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe 2013-10-09 08:17 - 2013-10-09 08:17 - 00000068 _____ C:\Windows\system32\ttt.bat 2013-10-07 18:41 - 2013-10-07 18:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe 2013-10-06 14:25 - 2013-10-06 14:25 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe 2013-10-06 14:03 - 2013-10-06 14:03 - 00743634 _____ C:\Users\Patrick\Downloads\steak___kidney_pie.bmp 2013-10-06 10:53 - 2013-10-06 10:53 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe 2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uPlayer 2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer 2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Program Files\uPlayer 2013-10-06 10:42 - 2013-10-20 09:43 - 20914176 _____ C:\Users\Patrick\Downloads\uPlayer.msi 2013-10-06 10:41 - 2013-10-06 10:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe 2013-10-05 14:34 - 2013-10-05 14:34 - 00002093 _____ C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk 2013-10-05 14:15 - 2013-10-05 14:15 - 00002021 _____ C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk 2013-10-04 21:22 - 2013-10-04 21:22 - 00000000 ____D C:\Users\Patrick\Documents\Electronic Arts 2013-10-04 21:18 - 2013-10-04 21:18 - 00002080 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk 2013-10-04 21:18 - 2013-10-04 21:15 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll 2013-09-24 10:19 - 2013-09-24 10:19 - 02756981 _____ C:\Users\Patrick\Downloads\03 (1).mpg 2013-09-24 10:17 - 2013-09-24 10:17 - 02793845 _____ C:\Users\Patrick\Downloads\01.mpg 2013-09-24 10:17 - 2013-09-24 10:17 - 02756981 _____ C:\Users\Patrick\Downloads\03.mpg 2013-09-24 10:17 - 2013-09-24 10:17 - 02673447 _____ C:\Users\Patrick\Downloads\02.mpg 2013-09-24 08:57 - 2013-09-24 08:57 - 01578377 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug1 (1).wmv 2013-09-24 08:56 - 2013-09-24 08:56 - 01651957 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug2.wmv 2013-09-24 08:56 - 2013-09-24 08:56 - 01597000 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug3.wmv 2013-09-24 08:56 - 2013-09-24 08:56 - 01578377 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug1.wmv ==================== One Month Modified Files and Folders ======= 2013-10-23 09:54 - 2013-10-23 09:54 - 00000000 ____D C:\FRST 2013-10-23 09:53 - 2013-10-23 09:53 - 01088113 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe 2013-10-23 09:53 - 2006-11-02 05:46 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-23 09:53 - 2006-11-02 05:46 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-23 09:41 - 2013-02-26 18:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-23 09:41 - 2011-04-28 12:07 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA.job 2013-10-23 09:41 - 2011-04-28 12:07 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core.job 2013-10-23 09:37 - 2011-06-11 02:22 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-23 09:27 - 2013-10-23 09:27 - 00016338 _____ C:\Users\Patrick\Desktop\dds.txt 2013-10-23 09:27 - 2013-10-23 09:27 - 00011035 _____ C:\Users\Patrick\Desktop\attach.txt 2013-10-23 09:25 - 2013-10-23 09:25 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.scr 2013-10-23 09:25 - 2011-04-27 15:28 - 00001356 _____ C:\Users\Patrick\AppData\Local\d3d9caps.dat 2013-10-23 09:16 - 2013-10-23 09:16 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2013-10-23 09:12 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache 2013-10-23 09:06 - 2009-04-11 05:38 - 01224447 _____ C:\Windows\WindowsUpdate.log 2013-10-23 09:01 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-10-23 08:58 - 2006-11-02 03:33 - 01614504 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-23 08:52 - 2011-06-11 02:22 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-23 08:51 - 2012-06-05 15:45 - 00000414 _____ C:\Windows\Tasks\PC Optimizer Pro startups.job 2013-10-23 08:50 - 2006-11-02 06:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-23 08:50 - 2006-11-02 05:46 - 03714840 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-23 08:49 - 2013-10-22 23:06 - 00018556 _____ C:\Windows\PFRO.log 2013-10-23 08:49 - 2012-11-06 13:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-23 08:47 - 2006-11-02 06:00 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-10-23 08:47 - 2006-11-02 05:35 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-10-23 08:47 - 2006-11-02 05:35 - 00000000 ____D C:\Program Files\Windows Journal 2013-10-23 00:34 - 2006-11-02 03:23 - 00000240 _____ C:\Windows\win.ini 2013-10-23 00:21 - 2013-10-23 00:18 - 00000000 ____D C:\Windows\system32\MRT 2013-10-22 23:49 - 2011-04-27 15:28 - 00079008 _____ C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT 2013-10-22 23:09 - 2012-03-12 12:18 - 00000000 ____D C:\Users\Patrick\Desktop\MoreGames 2013-10-22 23:06 - 2013-10-22 15:03 - 00000370 _____ C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job 2013-10-22 23:06 - 2011-05-03 08:22 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment 2013-10-22 22:53 - 2013-10-22 22:53 - 00004112 _____ C:\{5BA4C780-048B-48BB-B16B-A4B689A7A42A} 2013-10-22 22:50 - 2013-10-20 09:40 - 00000000 ____D C:\a 2013-10-22 16:49 - 2013-10-22 16:49 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-10-22 16:49 - 2013-10-22 16:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-10-22 16:46 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-10-22 16:46 - 2013-10-22 16:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-22 16:10 - 2012-07-19 09:06 - 00000002 _____ C:\Windows\system32\HRUPPROG.TXT 2013-10-22 16:07 - 2013-01-13 10:34 - 00000000 ____D C:\Users\Patrick\Documents\Silo Data 2013-10-22 16:04 - 2012-06-05 15:40 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-10-22 16:00 - 2013-10-22 14:36 - 00000000 ____D C:\Program Files\Lavasoft 2013-10-22 15:53 - 2013-10-22 15:53 - 00365546 _____ C:\Users\Patrick\Documents\cc_20131022_155305.reg 2013-10-22 15:48 - 2011-05-11 14:23 - 00000000 ____D C:\Program Files\Steam 2013-10-22 15:48 - 2011-05-09 16:07 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Vso 2013-10-22 15:47 - 2013-05-08 09:18 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client 2013-10-22 15:47 - 2012-12-23 12:26 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Ventrilo 2013-10-22 15:47 - 2011-05-09 08:04 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Azureus 2013-10-22 15:37 - 2013-05-05 07:31 - 00000000 ____D C:\Windows\Minidump 2013-10-22 15:37 - 2013-03-22 07:40 - 00000000 ____D C:\Users\Patrick\AppData\Local\CrashDumps 2013-10-22 15:37 - 2011-04-27 16:15 - 00000000 ____D C:\Windows\Panther 2013-10-22 15:33 - 2013-10-22 15:33 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\CCleaner 2013-10-22 15:29 - 2013-10-22 15:29 - 04369632 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup406.exe 2013-10-22 15:08 - 2013-10-22 15:08 - 00000000 ____D C:\ProgramData\PC1Data 2013-10-22 15:07 - 2013-10-22 15:08 - 05403344 _____ (PC Cleaners) C:\ProgramData\pclunst.exe 2013-10-22 15:07 - 2013-10-22 15:07 - 05403344 _____ (PC Cleaners) C:\Users\Patrick\Downloads\PC_Pro_Installer2.exe 2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry_Cleaner_Pro 2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry Cleaner Pro 2013-10-22 15:00 - 2013-10-22 15:00 - 00894600 _____ (CNET Download.com) C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe 2013-10-22 14:56 - 2013-10-22 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LavasoftStatistics 2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SecureSearch 2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Local\adawarebp 2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection 2013-10-22 14:34 - 2013-10-22 14:34 - 00000000 ____D C:\ProgramData\Lavasoft 2013-10-22 14:33 - 2013-10-22 14:33 - 01724552 _____ C:\Users\Patrick\Downloads\Adaware_Installer.exe 2013-10-22 10:52 - 2013-10-22 10:52 - 00000000 ____D C:\Users\Patrick\Desktop\DriversEd 2013-10-21 17:05 - 2011-06-11 05:48 - 00000406 ____H C:\Windows\Tasks\Norton Security Scan for Patrick.job 2013-10-20 09:43 - 2013-10-06 10:42 - 20914176 _____ C:\Users\Patrick\Downloads\uPlayer.msi 2013-10-20 09:40 - 2013-10-20 09:40 - 00589624 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (7).exe 2013-10-20 09:39 - 2013-10-20 09:39 - 00619911 _____ C:\Users\Patrick\Downloads\HDvideo-v4.exe 2013-10-20 09:32 - 2013-10-20 09:31 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe 2013-10-17 22:25 - 2012-07-13 09:02 - 00002063 _____ C:\Users\Patrick\Desktop\Google Chrome.lnk 2013-10-17 18:19 - 2013-10-17 18:19 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe 2013-10-12 19:08 - 2011-05-08 12:17 - 00000000 ____D C:\Users\Patrick\Desktop\New Folder 2013-10-12 17:23 - 2011-05-03 08:31 - 00000000 ____D C:\Users\Patrick\Documents\StarCraft II 2013-10-11 11:28 - 2013-10-11 11:28 - 01676815 _____ C:\Users\Patrick\Downloads\03 (3).wmv 2013-10-11 11:27 - 2013-10-11 11:27 - 01684824 _____ C:\Users\Patrick\Downloads\01 (3).wmv 2013-10-11 11:27 - 2013-10-11 11:27 - 01652744 _____ C:\Users\Patrick\Downloads\02 (1).wmv 2013-10-11 11:25 - 2013-10-11 11:24 - 01637763 _____ C:\Users\Patrick\Downloads\mrs_johnson_mrs_rae_2.wmv 2013-10-11 11:23 - 2013-10-11 11:23 - 02837763 _____ C:\Users\Patrick\Downloads\mrs_hills_1.wmv 2013-10-11 11:23 - 2013-10-11 11:23 - 01661763 _____ C:\Users\Patrick\Downloads\mrs_hills_2.wmv 2013-10-11 11:23 - 2013-10-11 11:23 - 01117763 _____ C:\Users\Patrick\Downloads\mrs_hills_3.wmv 2013-10-11 11:22 - 2013-10-11 11:22 - 01791510 _____ C:\Users\Patrick\Downloads\3 (7).wmv 2013-10-11 11:22 - 2013-10-11 11:22 - 01751259 _____ C:\Users\Patrick\Downloads\2 (2).wmv 2013-10-11 11:22 - 2013-10-11 11:22 - 00005523 _____ C:\Users\Patrick\Downloads\1 (1).wmv 2013-10-11 11:19 - 2013-10-11 11:19 - 01714670 _____ C:\Users\Patrick\Downloads\3 (6).wmv 2013-10-11 11:16 - 2013-10-11 11:16 - 01644195 _____ C:\Users\Patrick\Downloads\juliet_echo_06.mpg 2013-10-11 11:16 - 2013-10-11 11:16 - 01597289 _____ C:\Users\Patrick\Downloads\juliet_echo_04.mpg 2013-10-11 11:16 - 2013-10-11 11:16 - 01597263 _____ C:\Users\Patrick\Downloads\juliet_echo_03.mpg 2013-10-11 11:16 - 2013-10-11 11:16 - 01596302 _____ C:\Users\Patrick\Downloads\juliet_echo_05.mpg 2013-10-11 10:27 - 2013-10-11 10:27 - 01173497 _____ C:\Users\Patrick\Downloads\05 (1).wmv 2013-10-11 10:25 - 2013-10-11 10:25 - 01141497 _____ C:\Users\Patrick\Downloads\03 (2).wmv 2013-10-11 10:25 - 2013-10-11 10:25 - 01093497 _____ C:\Users\Patrick\Downloads\04 (2).wmv 2013-10-11 10:23 - 2013-10-11 10:23 - 01141497 _____ C:\Users\Patrick\Downloads\03 (1).wmv 2013-10-11 10:22 - 2013-10-11 10:22 - 01173497 _____ C:\Users\Patrick\Downloads\01 (2).wmv 2013-10-11 10:22 - 2013-10-11 10:22 - 01173497 _____ C:\Users\Patrick\Downloads\01 (1).wmv 2013-10-11 10:22 - 2013-10-11 10:22 - 01093497 _____ C:\Users\Patrick\Downloads\04 (1).wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\05.wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\01.wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01165497 _____ C:\Users\Patrick\Downloads\02.wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01141497 _____ C:\Users\Patrick\Downloads\03.wmv 2013-10-11 10:21 - 2013-10-11 10:21 - 01093497 _____ C:\Users\Patrick\Downloads\04.wmv 2013-10-10 18:44 - 2013-10-10 18:44 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe 2013-10-09 08:17 - 2013-10-09 08:17 - 00000068 _____ C:\Windows\system32\ttt.bat 2013-10-09 07:41 - 2013-02-26 18:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-10-09 07:41 - 2012-07-25 12:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-10-07 18:41 - 2013-10-07 18:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe 2013-10-06 14:26 - 2010-07-27 08:02 - 00000000 ____D C:\StarCraft II 2013-10-06 14:25 - 2013-10-06 14:25 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe 2013-10-06 14:03 - 2013-10-06 14:03 - 00743634 _____ C:\Users\Patrick\Downloads\steak___kidney_pie.bmp 2013-10-06 10:53 - 2013-10-06 10:53 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe 2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uPlayer 2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer 2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Program Files\uPlayer 2013-10-06 10:41 - 2013-10-06 10:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe 2013-10-05 14:34 - 2013-10-05 14:34 - 00002093 _____ C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk 2013-10-05 14:34 - 2011-04-27 15:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-10-05 14:26 - 2011-09-17 19:11 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2013-10-05 14:15 - 2013-10-05 14:15 - 00002021 _____ C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk 2013-10-05 14:11 - 2013-08-14 14:54 - 00000000 ____D C:\Program Files\Origin Games 2013-10-05 14:04 - 2011-07-28 22:39 - 00000000 ____D C:\Program Files\Origin 2013-10-04 21:22 - 2013-10-04 21:22 - 00000000 ____D C:\Users\Patrick\Documents\Electronic Arts 2013-10-04 21:18 - 2013-10-04 21:18 - 00002080 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk 2013-10-04 21:15 - 2013-10-04 21:18 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll 2013-09-26 02:19 - 2006-11-02 03:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-09-24 10:19 - 2013-09-24 10:19 - 02756981 _____ C:\Users\Patrick\Downloads\03 (1).mpg 2013-09-24 10:17 - 2013-09-24 10:17 - 02793845 _____ C:\Users\Patrick\Downloads\01.mpg 2013-09-24 10:17 - 2013-09-24 10:17 - 02756981 _____ C:\Users\Patrick\Downloads\03.mpg 2013-09-24 10:17 - 2013-09-24 10:17 - 02673447 _____ C:\Users\Patrick\Downloads\02.mpg 2013-09-24 08:57 - 2013-09-24 08:57 - 01578377 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug1 (1).wmv 2013-09-24 08:56 - 2013-09-24 08:56 - 01651957 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug2.wmv 2013-09-24 08:56 - 2013-09-24 08:56 - 01597000 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug3.wmv 2013-09-24 08:56 - 2013-09-24 08:56 - 01578377 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug1.wmv Files to move or delete: ==================== C:\ProgramData\.glInit02.dat C:\ProgramData\pclunst.exe C:\Users\Patrick\APB_Reloaded_Installer.exe C:\Users\Patrick\Fallen_Earth_20110728.exe Some content of TEMP: ==================== C:\Users\Patrick\AppData\Local\Temp\7b68842b-dbcf-47b7-9a2a-b1db9121dc2f.exe C:\Users\Patrick\AppData\Local\Temp\d4a3684f-6bb1-4f43-8cad-9e4c5138cffe.exe C:\Users\Patrick\AppData\Local\Temp\oi_{115DDDCF-9CBB-4871-AF50-D1933FBF1B1D}.exe C:\Users\Patrick\AppData\Local\Temp\UNINSTALL.EXE C:\Users\Patrick\AppData\Local\Temp\Uninstaller-5316.exe C:\Users\Patrick\AppData\Local\Temp\Uninstaller-7300.exe C:\Users\Patrick\AppData\Local\Temp\Uninstaller-7936.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-23 08:55 ==================== End Of Log ============================

Attach text - UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Ultimate Boot Device: \Device\HarddiskVolume1Install Date: 4/27/2011 3:20:30 PMSystem Uptime: 10/23/2013 8:48:41 AM (1 hours ago).Motherboard: ASUSTeK Computer INC. | | P5E-VM HDMIProcessor: Intel® Core2 Quad CPU @ 2.40GHz | LGA775 | 2394/266mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 298 GiB total, 15.889 GiB free.D: is CDROM (CDFS)F: is FIXED (NTFS) - 289 GiB total, 181.56 GiB free.G: is FIXED (NTFS) - 9 GiB total, 0.977 GiB free..==== Disabled Device Manager Items =============.Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}Description: Standard PS/2 KeyboardDevice ID: ACPI\PNP0303\4&23F9C1E3&0Manufacturer: (Standard keyboards)Name: Standard PS/2 KeyboardPNP Device ID: ACPI\PNP0303\4&23F9C1E3&0Service: i8042prt.Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}Description: Microsoft PS/2 MouseDevice ID: ACPI\PNP0F03\4&23F9C1E3&0Manufacturer: MicrosoftName: Microsoft PS/2 MousePNP Device ID: ACPI\PNP0F03\4&23F9C1E3&0Service: i8042prt.==== System Restore Points ===================.RP1241: 10/22/2013 11:37:51 PM - Norton 360 Registry CleanRP1242: 10/22/2013 11:56:47 PM - Windows UpdateRP1243: 10/23/2013 9:01:26 AM - Windows UpdateRP1244: 10/23/2013 9:04:04 AM - Windows Update.==== Installed Programs ======================.1912: Titanic MysteryAd-Aware Browsing ProtectionAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Photoshop CS6Adobe Reader X (10.0.1)APB ReloadedApple Application SupportApple Mobile Device SupportApple Software UpdateAtheros Communications Inc.® L1 Gigabit Ethernet DriverAutoHotkey 1.1.09.02AVCWare Ringtone MakerBelkin Setup and Router MonitorBelkin USB Print and Storage CenterBig Fish: Game ManagerBonjourCaddieSync Express 1.4.3CCleanerChivalry: Medieval WarfareConvertXtoDVD 4.1.19.364Counter-Strike: Global OffensiveDarkfall Unholy Wars 2.1.0.8Dead Space™ 3DivxToDVD 0.5.2bFishdom H2O: Hidden Odyssey ™G-Hotkey version 3.62GamersFirst LIVE!Ghost Mouse Auto Clicker 3.7GIMP 2.8.2Global Agenda LiveGoogle ChromeGoogle Update HelperHi-Rez Studios Authenticate and Update ServiceHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Java 7 Update 40Java Auto UpdaterJava 6 Update 30Loop RecorderMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 3.5 Language Pack - esnMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Games for Windows - LIVE RedistributableMicrosoft Games for Windows MarketplaceMicrosoft Office File Validation Add-InMicrosoft Office Professional Edition 2003Microsoft SilverlightMicrosoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable - KB2467175Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft_VC80_CRT_x86Microsoft_VC90_CRT_x86MSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Murder, She WroteNatural Selection 2Norton 360Norton Security ScanNVIDIA 3D Vision Controller DriverNVIDIA 3D Vision Controller Driver 326.01NVIDIA Control Panel 327.23NVIDIA Graphics Driver 327.23NVIDIA HD Audio Driver 1.3.26.4NVIDIA Install ApplicationNVIDIA PhysXNVIDIA PhysX System Software 9.13.0725Orcs Must Die! 2OriginPaperPort Image PrinterPaquete de idioma de Microsoft .NET Framework 3.5 - esnPath of ExilePDF Settings CS6PL-2303 Vista Driver InstallerPortal 2 Publishing ToolPunkBuster ServicesRavagedRazer Game BoosterRealtek High Definition Audio DriverScanSoft PaperPort 11Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)Security Update for Microsoft .NET Framework 4 Extended (KB2416472)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Serious Sam 3: BFESimCity 4 DeluxeSix UpdaterSkyCaddie DesktopSmiteSoft Data Fax Modem with SmartCPStar Wars: The Old RepublicStarCraft IISteamTeam Fortress 2TeamSpeak 3 ClientThe Sims™ 3The Sims™ 3 High-End Loft StuffThe Sims™ 3 Late NightThe War Z version alphaTrackMania Nations ForeverUltimate Extras sounds from Microsoft® Tinker™Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)uPlayerVC80CRTRedist - 8.0.50727.6195Ventrilo ClientVisual Link Spanish Level I v. 4VTFEdit 1.3.2VuzeWavePad Sound EditorWindows Live ID Sign-in AssistantWindows Sound SchemesWinRAR 4.20 (32-bit)WinZip 16.5Wondershare Application Center 1.0.0.58XCOM: Enemy UnknownXfire (remove only).==== Event Viewer Messages From Past Week ========.10/23/2013 9:06:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Vista (KB2345886).10/23/2013 9:06:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows Vista (KB2378111).10/23/2013 9:04:40 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state10/23/2013 9:04:39 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2345886 (Update) into Installed(Installed) state10/23/2013 9:04:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Vista (KB972145).10/23/2013 9:04:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Vista (KB970430).10/23/2013 9:04:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows Vista (KB967723).10/23/2013 9:04:35 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB967723 (Security Update) into Installed(Installed) state10/23/2013 9:04:34 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Installed(Installed) state10/23/2013 9:04:32 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB972145 (Update) into Installed(Installed) state10/23/2013 8:53:39 AM, Error: Microsoft-Windows-LanguagePackSetup [1001] - Application initialization failed. Last error: 0x8007003210/22/2013 4:41:23 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.10/22/2013 3:58:56 PM, Error: Service Control Manager [7034] - The Ad-Aware Service 11 service terminated unexpectedly. It has done this 1 time(s).10/22/2013 11:08:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.10/22/2013 11:08:04 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.10/16/2013 7:39:44 AM, Error: EventLog [6008] - The previous system shutdown at 7:37:15 AM on 10/16/2013 was unexpected..==== End Of File ===========================