Jump to content

infected by sports site


Recommended Posts

So, hopefully I'm following the directions properly, although I have already done some of the things I've seen you aren't supposed to do.  Anyways...  I was watching football games on a popular sports site about front rows and all that.  They hit you with a ton of pop ups and if you battle them back you can eventually get US football games.  Well I ended up with that AVG thing on my computer.  After running some of these other programs, which I see aren't recommended, I got to malwarebytes.  I ran a full scan which took like 5 hours, and it eventually removed like 26 things. Now a quick scan comes up with nothing.  I'm getting pop ups that are suggesting browser updates, which looks similar to chromes logo and full screen pop unders of various stuff.

 

So, hopefully this is what I'm supposed to do next.  Those two DDS text files will be my next two replies.  Thanks in advance, and I will certainly be buying the pro version at a later date ( I promise! I'm just unemployed temporarily.) as I remember you guys fixing my computer a few years back, when nothing else seemed to clean me up.

Link to post
Share on other sites

DDS text -

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16514  BrowserJavaVersion: 10.40.2
Run by Patrick at 9:26:06 on 2013-10-23
Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.1.1033.18.3326.1712 [GMT -7:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\SYSTEM32\astsrv.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Windows\system32\DllHost.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360\engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360\engine\20.4.0.40\ips\ipsbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\20.4.0.40\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360\engine\20.4.0.40\coieplg.dll
uRun: [AdobeBridge] <no file>
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{794AEEC6-62BB-4FEF-BA56-F9C8CE6D783B} : DHCPNameServer = 192.168.2.1
STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - c:\windows\system32\DreamScene.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {7070D8E0-650A-46b3-B03C-9497582E6A74} - c:\windows\system32\soundschemes.exe /AddRegistration
mASetup: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - c:\windows\system32\soundschemes2.exe /AddRegistration
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1404000.028\symds.sys [2013-6-9 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1404000.028\symefa.sys [2013-6-9 934488]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.3.1.22\definitions\bashdefs\20131002.001\BHDrvx86.sys [2013-10-1 1097304]
R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\1404000.028\ccsetx86.sys [2013-6-9 134744]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\dddsk.sys [2012-12-5 22312]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.3.1.22\definitions\ipsdefs\20131022.001\IDSvix86.sys [2013-10-22 393816]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1404000.028\ironx86.sys [2013-6-9 175264]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1404000.028\symtdiv.sys [2013-6-9 352344]
R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2011-10-18 152064]
R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2011-10-18 49152]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\hi-rez studios\HiPatchService.exe [2013-3-29 9216]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-10-22 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-10-22 701512]
R2 N360;Norton 360;c:\program files\norton 360\engine\20.4.0.40\ccsvchst.exe [2013-6-9 144368]
R2 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2011-10-18 247320]
R2 WACService;WACService;c:\program files\wondershare\wondershare application center\WACService.exe [2012-12-5 103272]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x86.sys [2011-4-27 46592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-8-27 108120]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-10-22 22856]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-10-23 40776]
S3 SkyhawkeUSBLan;SkyhawkeUSBLan;c:\windows\system32\drivers\btblan.sys [2010-4-15 40560]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2008-1-20 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2008-1-20 251904]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\razer\razer game booster\driver\WinRing0.sys [2012-11-13 14416]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2013-10-23 16:16:27 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-10-23 15:39:34 7796464 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{09697212-dc0e-4633-96be-75214c0559f4}\mpengine.dll
2013-10-23 07:18:35 -------- d-----w- c:\windows\system32\MRT
2013-10-23 06:56:09 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-10-23 06:56:09 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-10-23 06:56:09 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-10-23 06:56:09 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-10-23 06:56:09 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-10-23 06:56:09 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-10-23 06:56:08 798208 ----a-w- c:\windows\system32\FntCache.dll
2013-10-23 06:56:08 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-10-23 06:56:08 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-10-23 06:54:59 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-23 06:54:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-10-23 06:51:04 532480 ----a-w- c:\windows\system32\comctl32.dll
2013-10-23 06:51:02 25472 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-23 06:51:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-10-23 06:51:01 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-10-23 06:50:59 505344 ----a-w- c:\windows\system32\qedit.dll
2013-10-23 06:49:31 983552 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-10-23 06:49:31 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-10-23 06:49:31 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-10-23 06:49:31 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-10-23 06:48:20 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-10-23 06:48:19 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-10-23 06:48:19 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-10-23 06:48:19 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-10-22 23:49:30 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-22 23:49:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-22 22:33:19 -------- d-----w- c:\program files\CCleaner
2013-10-22 22:08:18 5403344 ----a-w- c:\programdata\pclunst.exe
2013-10-22 22:08:17 -------- d-----w- c:\programdata\PC1Data
2013-10-22 22:03:30 -------- d-----w- c:\users\patrick\appdata\local\Registry_Cleaner_Pro
2013-10-22 22:03:29 -------- d-----w- c:\users\patrick\appdata\local\Registry Cleaner Pro
2013-10-22 21:56:31 -------- d-----w- c:\users\patrick\appdata\roaming\LavasoftStatistics
2013-10-22 21:36:42 -------- d-----w- c:\users\patrick\appdata\local\adawarebp
2013-10-22 21:36:38 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2013-10-22 21:36:13 -------- d-----w- c:\users\patrick\appdata\roaming\SecureSearch
2013-10-22 21:36:00 -------- d-----w- c:\program files\Lavasoft
2013-10-20 16:40:41 -------- d-----w- C:\a
2013-10-09 15:17:58 68 ----a-w- c:\windows\system32\ttt.bat
2013-10-06 17:43:32 -------- d-----w- c:\users\patrick\appdata\roaming\uPlayer
2013-10-06 17:43:30 -------- d-----w- c:\program files\uPlayer
2013-10-05 04:18:44 447752 ----a-w- c:\windows\system32\vp6vfw.dll
.
==================== Find3M  ====================
.
2013-10-09 14:41:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 14:41:13 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-22 10:22:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 10:14:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-22 10:13:22 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 10:08:41 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-22 10:06:58 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-09-22 10:03:18 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-21 17:23:35 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-09-21 17:23:30 868264 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-09-21 17:23:30 790440 ----a-w- c:\windows\system32\deployJava1.dll
2013-09-12 06:28:40 4265760 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 06:28:40 3006240 ----a-w- c:\windows\system32\nvsvc.dll
2013-09-12 06:28:37 662816 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 06:28:37 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 06:28:36 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-03 21:35:12 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 07:36:04 2050048 ----a-w- c:\windows\system32\win32k.sys
2013-08-02 04:09:35 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-01 03:16:32 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-08-01 02:49:15 37376 ----a-w- c:\windows\system32\cdd.dll
.
=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: SAMSUNG_HD320KJ rev.CP100-10 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 
1 ntkrnlpa!IofCallDriver[0xE264A916] -> \Device\Harddisk0\DR0[0xC3F48AC8]
3 CLASSPNP[0xC97CA8B3] -> ntkrnlpa!IofCallDriver[0xE264A916] -> [0xC27AE520]
5 acpi[0xC8E9E6BC] -> ntkrnlpa!IofCallDriver[0xE264A916] -> \Device\Ide\IdeDeviceP2T0L0-2[0xC2B425D8]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0;  }
user != kernel MBR !!! 
.
============= FINISH:  9:27:09.42 ===============
Link to post
Share on other sites

Attach text -

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 4/27/2011 3:20:30 PM
System Uptime: 10/23/2013 8:48:41 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | P5E-VM HDMI
Processor: Intel® Core2 Quad CPU           @ 2.40GHz | LGA775 | 2394/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 298 GiB total, 15.889 GiB free.
D: is CDROM (CDFS)
F: is FIXED (NTFS) - 289 GiB total, 181.56 GiB free.
G: is FIXED (NTFS) - 9 GiB total, 0.977 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: Standard PS/2 Keyboard
Device ID: ACPI\PNP0303\4&23F9C1E3&0
Manufacturer: (Standard keyboards)
Name: Standard PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&23F9C1E3&0
Service: i8042prt
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&23F9C1E3&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&23F9C1E3&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP1241: 10/22/2013 11:37:51 PM - Norton 360 Registry Clean
RP1242: 10/22/2013 11:56:47 PM - Windows Update
RP1243: 10/23/2013 9:01:26 AM - Windows Update
RP1244: 10/23/2013 9:04:04 AM - Windows Update
.
==== Installed Programs ======================
.
1912: Titanic Mystery
Ad-Aware Browsing Protection
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader X (10.0.1)
APB Reloaded
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.® L1 Gigabit Ethernet Driver
AutoHotkey 1.1.09.02
AVCWare Ringtone Maker
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center
Big Fish: Game Manager
Bonjour
CaddieSync Express 1.4.3
CCleaner
Chivalry: Medieval Warfare
ConvertXtoDVD 4.1.19.364
Counter-Strike: Global Offensive
Darkfall Unholy Wars 2.1.0.8
Dead Space™ 3
DivxToDVD 0.5.2b
Fishdom H2O: Hidden Odyssey ™
G-Hotkey version 3.62
GamersFirst LIVE!
Ghost Mouse Auto Clicker 3.7
GIMP 2.8.2
Global Agenda Live
Google Chrome
Google Update Helper
Hi-Rez Studios Authenticate and Update Service
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java 7 Update 40
Java Auto Updater
Java 6 Update 30
Loop Recorder
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 3.5 Language Pack - esn
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Murder, She Wrote
Natural Selection 2
Norton 360
Norton Security Scan
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 326.01
NVIDIA Control Panel 327.23
NVIDIA Graphics Driver 327.23
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
Orcs Must Die! 2
Origin
PaperPort Image Printer
Paquete de idioma de Microsoft .NET Framework 3.5 - esn
Path of Exile
PDF Settings CS6
PL-2303 Vista Driver Installer
Portal 2 Publishing Tool
PunkBuster Services
Ravaged
Razer Game Booster
Realtek High Definition Audio Driver
ScanSoft PaperPort 11
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Serious Sam 3: BFE
SimCity 4 Deluxe
Six Updater
SkyCaddie Desktop
Smite
Soft Data Fax Modem with SmartCP
Star Wars: The Old Republic
StarCraft II
Steam
Team Fortress 2
TeamSpeak 3 Client
The Sims™ 3
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 Late Night
The War Z version alpha
TrackMania Nations Forever
Ultimate Extras sounds from Microsoft® Tinker™
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
uPlayer
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
Visual Link Spanish Level I v. 4
VTFEdit 1.3.2
Vuze
WavePad Sound Editor
Windows Live ID Sign-in Assistant
Windows Sound Schemes
WinRAR 4.20 (32-bit)
WinZip 16.5
Wondershare Application Center 1.0.0.58
XCOM: Enemy Unknown
Xfire (remove only)
.
==== Event Viewer Messages From Past Week ========
.
10/23/2013 9:06:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Vista (KB2345886).
10/23/2013 9:06:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows Vista (KB2378111).
10/23/2013 9:04:40 AM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
10/23/2013 9:04:39 AM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB2345886 (Update) into Installed(Installed) state
10/23/2013 9:04:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Vista (KB972145).
10/23/2013 9:04:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Vista (KB970430).
10/23/2013 9:04:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows Vista (KB967723).
10/23/2013 9:04:35 AM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB967723 (Security Update) into Installed(Installed) state
10/23/2013 9:04:34 AM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB970430 (Security Update) into Installed(Installed) state
10/23/2013 9:04:32 AM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KB972145 (Update) into Installed(Installed) state
10/23/2013 8:53:39 AM, Error: Microsoft-Windows-LanguagePackSetup [1001]  - Application initialization failed. Last error: 0x80070032
10/22/2013 4:41:23 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
10/22/2013 3:58:56 PM, Error: Service Control Manager [7034]  - The Ad-Aware Service 11 service terminated unexpectedly.  It has done this 1 time(s).
10/22/2013 11:08:04 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
10/22/2013 11:08:04 PM, Error: Service Control Manager [7000]  - The Windows Media Player Network Sharing Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
10/16/2013 7:39:44 AM, Error: EventLog [6008]  - The previous system shutdown at 7:37:15 AM on 10/16/2013 was unexpected.
.
==== End Of File ===========================
Link to post
Share on other sites

Hello kingp43 and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system.  You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-10-2013 01

Ran by Patrick (administrator) on PATRICK-PC on 23-10-2013 09:54:31

Running from C:\Users\Patrick\Downloads

Microsoft® Windows Vista™ Ultimate  Service Pack 2 (X86) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Normal

 

==================== Processes (Whitelisted) ===================

 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Nalpeiron Ltd.) C:\Windows\SYSTEM32\astsrv.exe

() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(Symantec Corporation) C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

() C:\Windows\system32\PnkBstrA.exe

(Wondershare) C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe

(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Symantec Corporation) C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe

(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-10-30] (Realtek Semiconductor)

HKLM\...\Run: [instaLAN] - C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-04-29] (Affinegy, Inc.)

HKLM\...\Run: [switchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKCU\...\Run: [AdobeBridge] - [x]

HKCU\...\Run: [Google Update] - C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-28] (Google Inc.)

HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)

MountPoints2: {ab67b29b-711e-11e0-9f0e-d69220716e3a} - G:\LaunchU3.exe -a

HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

 

==================== Internet (Whitelisted) ====================

 


HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D961AEA4714CD01

SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_5&idate=2013-10-22&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}

SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_5&idate=2013-10-22&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}

SearchScopes: HKCU - {A86CB93C-AF88-B5FE-F4D9-E79E5C6A4474} URL = http://www.startnow.com/s/?q={searchTerms}&src=defsearch&provider=Bing&provider_code=Z058&partner_id=300&product_id=409&affiliate_id=&channel=VLCTLNSINGLE04_NCEX_PLUSY&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110613&user_guid=FAEB450CDED04D2BBDF422553F016505&machine_id=163cc914bf5ad408a5666860060cc495&browser=IE&os=win&os_version=6.0-x86-SP2

SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=US&ver=6&gct=kwd&qsrc=2869

SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyE4iuSoP&i=26


BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File

Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)



Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

 

Chrome: 

=======

CHR RestoreOnStartup:       "urls_to_restore_on_startup": null

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)

CHR Plugin: (Java Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File

CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll No File

CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File

CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File

CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File

CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (live player) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnoocjdgpaeliplnkbhbpccighjkeef\3.2_0

CHR Extension: (Norton Identity Protection) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0

CHR Extension: (Chrome In-App Payments service) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0

CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0

CHR Extension: (Gmail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

CHR HKLM\...\Chrome\Extension: [bcjagnifjocnddgeknajocbkkhlgibem] - C:\Program Files\Chrome\surfcanyon.crx

CHR HKLM\...\Chrome\Extension: [cpoooaodibfldhiobnmnjliddplmekeb] - C:\Users\Patrick\AppData\Local\CRE\cpoooaodibfldhiobnmnjliddplmekeb.crx

CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx

CHR HKLM\...\Chrome\Extension: [hcnoocjdgpaeliplnkbhbpccighjkeef] - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lp.crx

CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx

CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx

CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\Patrick\AppData\Local\Temp\Vuze_Toolbar.crx

CHR StartMenuInternet: Google Chrome - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

========================== Services (Whitelisted) =================

 

R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-04-29] (Affinegy, Inc.)

R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] ()

R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] ()

R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios)

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 N360; C:\Program Files\Norton 360\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-08-02] ()

R2 WACService; C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe [103272 2012-11-09] (Wondershare)

 

==================== Drivers (Whitelisted) ====================

 

R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys [1097304 2013-10-01] (Symantec Corporation)

R1 ccSet_N360; C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)

R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)

R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-26] (Symantec Corporation)

R1 ElRawDisk; C:\Windows\system32\drivers\dddsk.sys [22312 2009-02-12] (EldoS Corporation)

R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-26] (Symantec Corporation)

S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)

R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20131022.001\IDSvix86.sys [393816 2013-10-16] (Symantec Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-10-23] (Malwarebytes Corporation)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-17] ()

R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131023.002\NAVENG.SYS [93272 2013-08-28] (Symantec Corporation)

R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131023.002\NAVEX15.SYS [1612376 2013-08-28] (Symantec Corporation)

S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [40560 2010-04-15] (Belcarra Technologies)

R3 SRTSP; C:\Windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [603224 2013-05-15] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)

R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)

R0 SymDS; C:\Windows\System32\drivers\N360\1404000.028\SYMDS.SYS [367704 2013-05-20] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\N360\1404000.028\SYMEFA.SYS [934488 2013-05-22] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-17] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\N360\1404000.028\Ironx86.SYS [175264 2013-03-04] (Symantec Corporation)

R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1404000.028\SYMTDIV.SYS [352344 2013-04-24] (Symantec Corporation)

S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org)

S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-20] (Microsoft Corporation)

S3 EagleNT; No ImagePath

S3 EagleXNt; No ImagePath

S3 IpInIp; system32\DRIVERS\ipinip.sys [x]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

S3 XDva386; No ImagePath

S3 XDva389; No ImagePath

S3 XDva401; No ImagePath

U3 mbr; \??\C:\Users\Patrick\AppData\Local\Temp\mbr.sys [x]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-10-23 09:54 - 2013-10-23 09:54 - 00000000 ____D C:\FRST

2013-10-23 09:53 - 2013-10-23 09:53 - 01088113 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe

2013-10-23 09:27 - 2013-10-23 09:27 - 00016338 _____ C:\Users\Patrick\Desktop\dds.txt

2013-10-23 09:27 - 2013-10-23 09:27 - 00011035 _____ C:\Users\Patrick\Desktop\attach.txt

2013-10-23 09:25 - 2013-10-23 09:25 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.scr

2013-10-23 09:16 - 2013-10-23 09:16 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys

2013-10-23 00:18 - 2013-10-23 00:21 - 00000000 ____D C:\Windows\system32\MRT

2013-10-23 00:11 - 2013-09-22 03:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-10-23 00:11 - 2013-09-22 03:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-10-23 00:11 - 2013-09-22 03:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-10-23 00:11 - 2013-09-22 03:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-10-23 00:11 - 2013-09-22 03:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-10-23 00:11 - 2013-09-22 03:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-10-23 00:11 - 2013-09-22 03:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-10-23 00:11 - 2013-09-22 03:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-10-23 00:11 - 2013-09-22 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-10-23 00:11 - 2013-09-22 03:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-10-23 00:11 - 2013-09-22 03:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-10-23 00:11 - 2013-09-22 03:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-10-23 00:11 - 2013-09-22 03:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-10-23 00:11 - 2013-09-22 03:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-10-23 00:11 - 2013-09-22 03:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-10-23 00:11 - 2013-09-22 02:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-10-22 23:56 - 2013-08-26 19:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2013-10-22 23:56 - 2013-08-26 19:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2013-10-22 23:56 - 2013-08-26 19:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2013-10-22 23:56 - 2013-08-26 19:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2013-10-22 23:56 - 2013-08-26 18:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2013-10-22 23:56 - 2013-08-26 18:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2013-10-22 23:56 - 2013-08-26 18:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2013-10-22 23:56 - 2013-08-26 18:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-10-22 23:56 - 2013-08-26 18:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2013-10-22 23:55 - 2013-08-29 00:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-10-22 23:55 - 2013-08-01 21:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-10-22 23:55 - 2013-07-31 20:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-10-22 23:55 - 2013-07-31 19:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2013-10-22 23:55 - 2013-07-20 03:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-22 23:55 - 2013-07-17 12:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-10-22 23:55 - 2013-07-15 21:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll

2013-10-22 23:55 - 2013-07-10 02:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2013-10-22 23:55 - 2013-07-09 05:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2013-10-22 23:55 - 2013-07-07 21:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2013-10-22 23:55 - 2013-07-07 21:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-10-22 23:55 - 2013-07-04 20:20 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-10-22 23:55 - 2013-07-04 18:43 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2013-10-22 23:55 - 2013-06-28 19:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2013-10-22 23:55 - 2013-06-28 19:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2013-10-22 23:55 - 2013-06-28 19:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2013-10-22 23:55 - 2013-06-28 19:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2013-10-22 23:55 - 2013-06-15 06:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll

2013-10-22 23:55 - 2013-06-15 04:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2013-10-22 23:55 - 2013-05-01 21:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2013-10-22 23:55 - 2013-05-01 21:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll

2013-10-22 23:55 - 2013-04-23 21:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2013-10-22 23:55 - 2013-04-23 18:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2013-10-22 23:55 - 2013-03-03 12:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2013-10-22 23:55 - 2011-05-05 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2013-10-22 23:55 - 2011-05-05 06:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2013-10-22 23:54 - 2013-06-26 16:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2013-10-22 23:54 - 2013-04-17 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2013-10-22 23:51 - 2013-07-03 21:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2013-10-22 23:51 - 2013-07-02 19:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2013-10-22 23:51 - 2013-06-03 21:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2013-10-22 23:51 - 2013-06-03 18:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2013-10-22 23:50 - 2013-05-31 21:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-10-22 23:48 - 2013-07-07 21:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2013-10-22 23:48 - 2013-07-07 21:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2013-10-22 23:48 - 2013-07-07 21:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2013-10-22 23:48 - 2013-07-07 21:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2013-10-22 23:06 - 2013-10-23 08:49 - 00018556 _____ C:\Windows\PFRO.log

2013-10-22 22:53 - 2013-10-22 22:53 - 00004112 _____ C:\{5BA4C780-048B-48BB-B16B-A4B689A7A42A}

2013-10-22 16:49 - 2013-10-22 16:49 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-10-22 16:49 - 2013-10-22 16:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-10-22 16:49 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-10-22 16:46 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-10-22 16:45 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe

2013-10-22 15:53 - 2013-10-22 15:53 - 00365546 _____ C:\Users\Patrick\Documents\cc_20131022_155305.reg

2013-10-22 15:33 - 2013-10-22 15:33 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk

2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\CCleaner

2013-10-22 15:29 - 2013-10-22 15:29 - 04369632 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup406.exe

2013-10-22 15:08 - 2013-10-22 15:08 - 00000000 ____D C:\ProgramData\PC1Data

2013-10-22 15:08 - 2013-10-22 15:07 - 05403344 _____ (PC Cleaners) C:\ProgramData\pclunst.exe

2013-10-22 15:07 - 2013-10-22 15:07 - 05403344 _____ (PC Cleaners) C:\Users\Patrick\Downloads\PC_Pro_Installer2.exe

2013-10-22 15:03 - 2013-10-22 23:06 - 00000370 _____ C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job

2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry_Cleaner_Pro

2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry Cleaner Pro

2013-10-22 15:00 - 2013-10-22 15:00 - 00894600 _____ (CNET Download.com) C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe

2013-10-22 14:56 - 2013-10-22 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LavasoftStatistics

2013-10-22 14:36 - 2013-10-22 16:00 - 00000000 ____D C:\Program Files\Lavasoft

2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SecureSearch

2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Local\adawarebp

2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection

2013-10-22 14:34 - 2013-10-22 14:34 - 00000000 ____D C:\ProgramData\Lavasoft

2013-10-22 14:33 - 2013-10-22 14:33 - 01724552 _____ C:\Users\Patrick\Downloads\Adaware_Installer.exe

2013-10-22 10:52 - 2013-10-22 10:52 - 00000000 ____D C:\Users\Patrick\Desktop\DriversEd

2013-10-20 09:40 - 2013-10-22 22:50 - 00000000 ____D C:\a

2013-10-20 09:40 - 2013-10-20 09:40 - 00589624 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (7).exe

2013-10-20 09:39 - 2013-10-20 09:39 - 00619911 _____ C:\Users\Patrick\Downloads\HDvideo-v4.exe

2013-10-20 09:31 - 2013-10-20 09:32 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe

2013-10-17 18:19 - 2013-10-17 18:19 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe

2013-10-11 11:28 - 2013-10-11 11:28 - 01676815 _____ C:\Users\Patrick\Downloads\03 (3).wmv

2013-10-11 11:27 - 2013-10-11 11:27 - 01684824 _____ C:\Users\Patrick\Downloads\01 (3).wmv

2013-10-11 11:27 - 2013-10-11 11:27 - 01652744 _____ C:\Users\Patrick\Downloads\02 (1).wmv

2013-10-11 11:24 - 2013-10-11 11:25 - 01637763 _____ C:\Users\Patrick\Downloads\mrs_johnson_mrs_rae_2.wmv

2013-10-11 11:23 - 2013-10-11 11:23 - 02837763 _____ C:\Users\Patrick\Downloads\mrs_hills_1.wmv

2013-10-11 11:23 - 2013-10-11 11:23 - 01661763 _____ C:\Users\Patrick\Downloads\mrs_hills_2.wmv

2013-10-11 11:23 - 2013-10-11 11:23 - 01117763 _____ C:\Users\Patrick\Downloads\mrs_hills_3.wmv

2013-10-11 11:22 - 2013-10-11 11:22 - 01791510 _____ C:\Users\Patrick\Downloads\3 (7).wmv

2013-10-11 11:22 - 2013-10-11 11:22 - 01751259 _____ C:\Users\Patrick\Downloads\2 (2).wmv

2013-10-11 11:22 - 2013-10-11 11:22 - 00005523 _____ C:\Users\Patrick\Downloads\1 (1).wmv

2013-10-11 11:19 - 2013-10-11 11:19 - 01714670 _____ C:\Users\Patrick\Downloads\3 (6).wmv

2013-10-11 11:16 - 2013-10-11 11:16 - 01644195 _____ C:\Users\Patrick\Downloads\juliet_echo_06.mpg

2013-10-11 11:16 - 2013-10-11 11:16 - 01597289 _____ C:\Users\Patrick\Downloads\juliet_echo_04.mpg

2013-10-11 11:16 - 2013-10-11 11:16 - 01597263 _____ C:\Users\Patrick\Downloads\juliet_echo_03.mpg

2013-10-11 11:16 - 2013-10-11 11:16 - 01596302 _____ C:\Users\Patrick\Downloads\juliet_echo_05.mpg

2013-10-11 10:27 - 2013-10-11 10:27 - 01173497 _____ C:\Users\Patrick\Downloads\05 (1).wmv

2013-10-11 10:25 - 2013-10-11 10:25 - 01141497 _____ C:\Users\Patrick\Downloads\03 (2).wmv

2013-10-11 10:25 - 2013-10-11 10:25 - 01093497 _____ C:\Users\Patrick\Downloads\04 (2).wmv

2013-10-11 10:23 - 2013-10-11 10:23 - 01141497 _____ C:\Users\Patrick\Downloads\03 (1).wmv

2013-10-11 10:22 - 2013-10-11 10:22 - 01173497 _____ C:\Users\Patrick\Downloads\01 (2).wmv

2013-10-11 10:22 - 2013-10-11 10:22 - 01173497 _____ C:\Users\Patrick\Downloads\01 (1).wmv

2013-10-11 10:22 - 2013-10-11 10:22 - 01093497 _____ C:\Users\Patrick\Downloads\04 (1).wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\05.wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\01.wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01165497 _____ C:\Users\Patrick\Downloads\02.wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01141497 _____ C:\Users\Patrick\Downloads\03.wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01093497 _____ C:\Users\Patrick\Downloads\04.wmv

2013-10-10 18:44 - 2013-10-10 18:44 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe

2013-10-09 08:17 - 2013-10-09 08:17 - 00000068 _____ C:\Windows\system32\ttt.bat

2013-10-07 18:41 - 2013-10-07 18:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe

2013-10-06 14:25 - 2013-10-06 14:25 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe

2013-10-06 14:03 - 2013-10-06 14:03 - 00743634 _____ C:\Users\Patrick\Downloads\steak___kidney_pie.bmp

2013-10-06 10:53 - 2013-10-06 10:53 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe

2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uPlayer

2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer

2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Program Files\uPlayer

2013-10-06 10:42 - 2013-10-20 09:43 - 20914176 _____ C:\Users\Patrick\Downloads\uPlayer.msi

2013-10-06 10:41 - 2013-10-06 10:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe

2013-10-05 14:34 - 2013-10-05 14:34 - 00002093 _____ C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk

2013-10-05 14:15 - 2013-10-05 14:15 - 00002021 _____ C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk

2013-10-04 21:22 - 2013-10-04 21:22 - 00000000 ____D C:\Users\Patrick\Documents\Electronic Arts

2013-10-04 21:18 - 2013-10-04 21:18 - 00002080 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk

2013-10-04 21:18 - 2013-10-04 21:15 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll

2013-09-24 10:19 - 2013-09-24 10:19 - 02756981 _____ C:\Users\Patrick\Downloads\03 (1).mpg

2013-09-24 10:17 - 2013-09-24 10:17 - 02793845 _____ C:\Users\Patrick\Downloads\01.mpg

2013-09-24 10:17 - 2013-09-24 10:17 - 02756981 _____ C:\Users\Patrick\Downloads\03.mpg

2013-09-24 10:17 - 2013-09-24 10:17 - 02673447 _____ C:\Users\Patrick\Downloads\02.mpg

2013-09-24 08:57 - 2013-09-24 08:57 - 01578377 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug1 (1).wmv

2013-09-24 08:56 - 2013-09-24 08:56 - 01651957 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug2.wmv

2013-09-24 08:56 - 2013-09-24 08:56 - 01597000 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug3.wmv

2013-09-24 08:56 - 2013-09-24 08:56 - 01578377 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug1.wmv

 

==================== One Month Modified Files and Folders =======

 

2013-10-23 09:54 - 2013-10-23 09:54 - 00000000 ____D C:\FRST

2013-10-23 09:53 - 2013-10-23 09:53 - 01088113 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe

2013-10-23 09:53 - 2006-11-02 05:46 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2013-10-23 09:53 - 2006-11-02 05:46 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2013-10-23 09:41 - 2013-02-26 18:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-23 09:41 - 2011-04-28 12:07 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA.job

2013-10-23 09:41 - 2011-04-28 12:07 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core.job

2013-10-23 09:37 - 2011-06-11 02:22 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-23 09:27 - 2013-10-23 09:27 - 00016338 _____ C:\Users\Patrick\Desktop\dds.txt

2013-10-23 09:27 - 2013-10-23 09:27 - 00011035 _____ C:\Users\Patrick\Desktop\attach.txt

2013-10-23 09:25 - 2013-10-23 09:25 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.scr

2013-10-23 09:25 - 2011-04-27 15:28 - 00001356 _____ C:\Users\Patrick\AppData\Local\d3d9caps.dat

2013-10-23 09:16 - 2013-10-23 09:16 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys

2013-10-23 09:12 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache

2013-10-23 09:06 - 2009-04-11 05:38 - 01224447 _____ C:\Windows\WindowsUpdate.log

2013-10-23 09:01 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET

2013-10-23 08:58 - 2006-11-02 03:33 - 01614504 _____ C:\Windows\system32\PerfStringBackup.INI

2013-10-23 08:52 - 2011-06-11 02:22 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-23 08:51 - 2012-06-05 15:45 - 00000414 _____ C:\Windows\Tasks\PC Optimizer Pro startups.job

2013-10-23 08:50 - 2006-11-02 06:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-23 08:50 - 2006-11-02 05:46 - 03714840 _____ C:\Windows\system32\FNTCACHE.DAT

2013-10-23 08:49 - 2013-10-22 23:06 - 00018556 _____ C:\Windows\PFRO.log

2013-10-23 08:49 - 2012-11-06 13:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-10-23 08:47 - 2006-11-02 06:00 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-10-23 08:47 - 2006-11-02 05:35 - 00000000 ____D C:\Windows\system32\XPSViewer

2013-10-23 08:47 - 2006-11-02 05:35 - 00000000 ____D C:\Program Files\Windows Journal

2013-10-23 00:34 - 2006-11-02 03:23 - 00000240 _____ C:\Windows\win.ini

2013-10-23 00:21 - 2013-10-23 00:18 - 00000000 ____D C:\Windows\system32\MRT

2013-10-22 23:49 - 2011-04-27 15:28 - 00079008 _____ C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT

2013-10-22 23:09 - 2012-03-12 12:18 - 00000000 ____D C:\Users\Patrick\Desktop\MoreGames

2013-10-22 23:06 - 2013-10-22 15:03 - 00000370 _____ C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job

2013-10-22 23:06 - 2011-05-03 08:22 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment

2013-10-22 22:53 - 2013-10-22 22:53 - 00004112 _____ C:\{5BA4C780-048B-48BB-B16B-A4B689A7A42A}

2013-10-22 22:50 - 2013-10-20 09:40 - 00000000 ____D C:\a

2013-10-22 16:49 - 2013-10-22 16:49 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-10-22 16:49 - 2013-10-22 16:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-10-22 16:46 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-10-22 16:46 - 2013-10-22 16:45 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe

2013-10-22 16:10 - 2012-07-19 09:06 - 00000002 _____ C:\Windows\system32\HRUPPROG.TXT

2013-10-22 16:07 - 2013-01-13 10:34 - 00000000 ____D C:\Users\Patrick\Documents\Silo Data

2013-10-22 16:04 - 2012-06-05 15:40 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-10-22 16:00 - 2013-10-22 14:36 - 00000000 ____D C:\Program Files\Lavasoft

2013-10-22 15:53 - 2013-10-22 15:53 - 00365546 _____ C:\Users\Patrick\Documents\cc_20131022_155305.reg

2013-10-22 15:48 - 2011-05-11 14:23 - 00000000 ____D C:\Program Files\Steam

2013-10-22 15:48 - 2011-05-09 16:07 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Vso

2013-10-22 15:47 - 2013-05-08 09:18 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client

2013-10-22 15:47 - 2012-12-23 12:26 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Ventrilo

2013-10-22 15:47 - 2011-05-09 08:04 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Azureus

2013-10-22 15:37 - 2013-05-05 07:31 - 00000000 ____D C:\Windows\Minidump

2013-10-22 15:37 - 2013-03-22 07:40 - 00000000 ____D C:\Users\Patrick\AppData\Local\CrashDumps

2013-10-22 15:37 - 2011-04-27 16:15 - 00000000 ____D C:\Windows\Panther

2013-10-22 15:33 - 2013-10-22 15:33 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk

2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\CCleaner

2013-10-22 15:29 - 2013-10-22 15:29 - 04369632 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup406.exe

2013-10-22 15:08 - 2013-10-22 15:08 - 00000000 ____D C:\ProgramData\PC1Data

2013-10-22 15:07 - 2013-10-22 15:08 - 05403344 _____ (PC Cleaners) C:\ProgramData\pclunst.exe

2013-10-22 15:07 - 2013-10-22 15:07 - 05403344 _____ (PC Cleaners) C:\Users\Patrick\Downloads\PC_Pro_Installer2.exe

2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry_Cleaner_Pro

2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry Cleaner Pro

2013-10-22 15:00 - 2013-10-22 15:00 - 00894600 _____ (CNET Download.com) C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe

2013-10-22 14:56 - 2013-10-22 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LavasoftStatistics

2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SecureSearch

2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Local\adawarebp

2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection

2013-10-22 14:34 - 2013-10-22 14:34 - 00000000 ____D C:\ProgramData\Lavasoft

2013-10-22 14:33 - 2013-10-22 14:33 - 01724552 _____ C:\Users\Patrick\Downloads\Adaware_Installer.exe

2013-10-22 10:52 - 2013-10-22 10:52 - 00000000 ____D C:\Users\Patrick\Desktop\DriversEd

2013-10-21 17:05 - 2011-06-11 05:48 - 00000406 ____H C:\Windows\Tasks\Norton Security Scan for Patrick.job

2013-10-20 09:43 - 2013-10-06 10:42 - 20914176 _____ C:\Users\Patrick\Downloads\uPlayer.msi

2013-10-20 09:40 - 2013-10-20 09:40 - 00589624 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (7).exe

2013-10-20 09:39 - 2013-10-20 09:39 - 00619911 _____ C:\Users\Patrick\Downloads\HDvideo-v4.exe

2013-10-20 09:32 - 2013-10-20 09:31 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe

2013-10-17 22:25 - 2012-07-13 09:02 - 00002063 _____ C:\Users\Patrick\Desktop\Google Chrome.lnk

2013-10-17 18:19 - 2013-10-17 18:19 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe

2013-10-12 19:08 - 2011-05-08 12:17 - 00000000 ____D C:\Users\Patrick\Desktop\New Folder

2013-10-12 17:23 - 2011-05-03 08:31 - 00000000 ____D C:\Users\Patrick\Documents\StarCraft II

2013-10-11 11:28 - 2013-10-11 11:28 - 01676815 _____ C:\Users\Patrick\Downloads\03 (3).wmv

2013-10-11 11:27 - 2013-10-11 11:27 - 01684824 _____ C:\Users\Patrick\Downloads\01 (3).wmv

2013-10-11 11:27 - 2013-10-11 11:27 - 01652744 _____ C:\Users\Patrick\Downloads\02 (1).wmv

2013-10-11 11:25 - 2013-10-11 11:24 - 01637763 _____ C:\Users\Patrick\Downloads\mrs_johnson_mrs_rae_2.wmv

2013-10-11 11:23 - 2013-10-11 11:23 - 02837763 _____ C:\Users\Patrick\Downloads\mrs_hills_1.wmv

2013-10-11 11:23 - 2013-10-11 11:23 - 01661763 _____ C:\Users\Patrick\Downloads\mrs_hills_2.wmv

2013-10-11 11:23 - 2013-10-11 11:23 - 01117763 _____ C:\Users\Patrick\Downloads\mrs_hills_3.wmv

2013-10-11 11:22 - 2013-10-11 11:22 - 01791510 _____ C:\Users\Patrick\Downloads\3 (7).wmv

2013-10-11 11:22 - 2013-10-11 11:22 - 01751259 _____ C:\Users\Patrick\Downloads\2 (2).wmv

2013-10-11 11:22 - 2013-10-11 11:22 - 00005523 _____ C:\Users\Patrick\Downloads\1 (1).wmv

2013-10-11 11:19 - 2013-10-11 11:19 - 01714670 _____ C:\Users\Patrick\Downloads\3 (6).wmv

2013-10-11 11:16 - 2013-10-11 11:16 - 01644195 _____ C:\Users\Patrick\Downloads\juliet_echo_06.mpg

2013-10-11 11:16 - 2013-10-11 11:16 - 01597289 _____ C:\Users\Patrick\Downloads\juliet_echo_04.mpg

2013-10-11 11:16 - 2013-10-11 11:16 - 01597263 _____ C:\Users\Patrick\Downloads\juliet_echo_03.mpg

2013-10-11 11:16 - 2013-10-11 11:16 - 01596302 _____ C:\Users\Patrick\Downloads\juliet_echo_05.mpg

2013-10-11 10:27 - 2013-10-11 10:27 - 01173497 _____ C:\Users\Patrick\Downloads\05 (1).wmv

2013-10-11 10:25 - 2013-10-11 10:25 - 01141497 _____ C:\Users\Patrick\Downloads\03 (2).wmv

2013-10-11 10:25 - 2013-10-11 10:25 - 01093497 _____ C:\Users\Patrick\Downloads\04 (2).wmv

2013-10-11 10:23 - 2013-10-11 10:23 - 01141497 _____ C:\Users\Patrick\Downloads\03 (1).wmv

2013-10-11 10:22 - 2013-10-11 10:22 - 01173497 _____ C:\Users\Patrick\Downloads\01 (2).wmv

2013-10-11 10:22 - 2013-10-11 10:22 - 01173497 _____ C:\Users\Patrick\Downloads\01 (1).wmv

2013-10-11 10:22 - 2013-10-11 10:22 - 01093497 _____ C:\Users\Patrick\Downloads\04 (1).wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\05.wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\01.wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01165497 _____ C:\Users\Patrick\Downloads\02.wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01141497 _____ C:\Users\Patrick\Downloads\03.wmv

2013-10-11 10:21 - 2013-10-11 10:21 - 01093497 _____ C:\Users\Patrick\Downloads\04.wmv

2013-10-10 18:44 - 2013-10-10 18:44 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe

2013-10-09 08:17 - 2013-10-09 08:17 - 00000068 _____ C:\Windows\system32\ttt.bat

2013-10-09 07:41 - 2013-02-26 18:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2013-10-09 07:41 - 2012-07-25 12:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2013-10-07 18:41 - 2013-10-07 18:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe

2013-10-06 14:26 - 2010-07-27 08:02 - 00000000 ____D C:\StarCraft II

2013-10-06 14:25 - 2013-10-06 14:25 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe

2013-10-06 14:03 - 2013-10-06 14:03 - 00743634 _____ C:\Users\Patrick\Downloads\steak___kidney_pie.bmp

2013-10-06 10:53 - 2013-10-06 10:53 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe

2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uPlayer

2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer

2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Program Files\uPlayer

2013-10-06 10:41 - 2013-10-06 10:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe

2013-10-05 14:34 - 2013-10-05 14:34 - 00002093 _____ C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk

2013-10-05 14:34 - 2011-04-27 15:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2013-10-05 14:26 - 2011-09-17 19:11 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2013-10-05 14:15 - 2013-10-05 14:15 - 00002021 _____ C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk

2013-10-05 14:11 - 2013-08-14 14:54 - 00000000 ____D C:\Program Files\Origin Games

2013-10-05 14:04 - 2011-07-28 22:39 - 00000000 ____D C:\Program Files\Origin

2013-10-04 21:22 - 2013-10-04 21:22 - 00000000 ____D C:\Users\Patrick\Documents\Electronic Arts

2013-10-04 21:18 - 2013-10-04 21:18 - 00002080 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk

2013-10-04 21:15 - 2013-10-04 21:18 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll

2013-09-26 02:19 - 2006-11-02 03:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2013-09-24 10:19 - 2013-09-24 10:19 - 02756981 _____ C:\Users\Patrick\Downloads\03 (1).mpg

2013-09-24 10:17 - 2013-09-24 10:17 - 02793845 _____ C:\Users\Patrick\Downloads\01.mpg

2013-09-24 10:17 - 2013-09-24 10:17 - 02756981 _____ C:\Users\Patrick\Downloads\03.mpg

2013-09-24 10:17 - 2013-09-24 10:17 - 02673447 _____ C:\Users\Patrick\Downloads\02.mpg

2013-09-24 08:57 - 2013-09-24 08:57 - 01578377 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug1 (1).wmv

2013-09-24 08:56 - 2013-09-24 08:56 - 01651957 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug2.wmv

2013-09-24 08:56 - 2013-09-24 08:56 - 01597000 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug3.wmv

2013-09-24 08:56 - 2013-09-24 08:56 - 01578377 _____ C:\Users\Patrick\Downloads\dee_hot_wife_tracy_clubtug1.wmv

 

Files to move or delete:

====================

C:\ProgramData\.glInit02.dat

C:\ProgramData\pclunst.exe

C:\Users\Patrick\APB_Reloaded_Installer.exe

C:\Users\Patrick\Fallen_Earth_20110728.exe

 

 

Some content of TEMP:

====================

C:\Users\Patrick\AppData\Local\Temp\7b68842b-dbcf-47b7-9a2a-b1db9121dc2f.exe

C:\Users\Patrick\AppData\Local\Temp\d4a3684f-6bb1-4f43-8cad-9e4c5138cffe.exe

C:\Users\Patrick\AppData\Local\Temp\oi_{115DDDCF-9CBB-4871-AF50-D1933FBF1B1D}.exe

C:\Users\Patrick\AppData\Local\Temp\UNINSTALL.EXE

C:\Users\Patrick\AppData\Local\Temp\Uninstaller-5316.exe

C:\Users\Patrick\AppData\Local\Temp\Uninstaller-7300.exe

C:\Users\Patrick\AppData\Local\Temp\Uninstaller-7936.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-10-23 08:55

 

==================== End Of Log ============================

Link to post
Share on other sites

hmmm... couldn't find attach for the next file soo... hope this is ok -

 

addition text -

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-10-2013 01
Ran by Patrick at 2013-10-23 09:56:12
Running from C:\Users\Patrick\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
1912: Titanic Mystery
Ad-Aware Browsing Protection (Version: 1.0.1.124)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader X (10.0.1) (Version: 10.0.1)
APB Reloaded (Version: 1.3.3.560517)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® L1 Gigabit Ethernet Driver (Version: 2.4.7.10)
AutoHotkey 1.1.09.02 (Version: 1.1.09.02)
AVCWare Ringtone Maker (Version: 2.0.5.20120712)
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center (Version: 1.1.3)
Big Fish: Game Manager (Version: 3.2.0.4)
Bonjour (Version: 3.0.0.10)
CaddieSync Express 1.4.3 (Version: 1.4.3)
CCleaner (Version: 4.06)
Chivalry: Medieval Warfare
ConvertXtoDVD 4.1.19.364 (Version: 4.1.19.364)
Counter-Strike: Global Offensive
Darkfall Unholy Wars 2.1.0.8 (Version: 2.1.0.8)
Dead Space™ 3 (Version: 1.0.0.0)
DivxToDVD 0.5.2b (Version: 0.5.2b)
Fishdom H2O: Hidden Odyssey ™
GamersFirst LIVE!
Ghost Mouse Auto Clicker 3.7
G-Hotkey version 3.62
GIMP 2.8.2 (Version: 2.8.2)
Global Agenda Live (Version: 1.5.1.5)
Google Chrome (HKCU Version: 30.0.1599.101)
Google Update Helper (Version: 1.3.21.165)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
Java 7 Update 40 (Version: 7.0.400)
Java Auto Updater (Version: 2.1.9.8)
Java 6 Update 30 (Version: 6.0.300)
Loop Recorder (Version: 2.08)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack - esn (Version: 3.5.21022)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Murder, She Wrote
Natural Selection 2
Norton 360 (Version: 20.4.0.40)
Norton Security Scan (Version: 3.1.1.6)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Controller Driver 326.01 (Version: 326.01)
NVIDIA Control Panel 327.23 (Version: 327.23)
NVIDIA Graphics Driver 327.23 (Version: 327.23)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.889)
NVIDIA PhysX (Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
Orcs Must Die! 2
Origin (Version: 9.3.1.4482)
PaperPort Image Printer (Version: 1.00.0000)
Paquete de idioma de Microsoft .NET Framework 3.5 - esn
Path of Exile (Version: 0.10.1.22906)
PDF Settings CS6 (Version: 11.0)
PL-2303 Vista Driver Installer (Version: 3.2.0.0)
Portal 2 Publishing Tool
PunkBuster Services (Version: 0.993)
Ravaged
Razer Game Booster (Version: 3.5.6.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5506)
ScanSoft PaperPort 11 (Version: 11.1.0000)
Serious Sam 3: BFE
SimCity 4 Deluxe
Six Updater (Version: 2.09.7016)
SkyCaddie Desktop
Smite (Version: 0.1.1433.0)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
Star Wars: The Old Republic (Version: 1.00)
StarCraft II (Version: 2.0.11.26825)
Steam (Version: 1.0.0.0)
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.11.1)
The Sims™ 3 (Version: 1.57.62)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)
The Sims™ 3 Late Night (Version: 6.5.1)
The War Z version alpha (Version: alpha)
TrackMania Nations Forever
Ultimate Extras sounds from Microsoft® Tinker™
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
uPlayer (Version: 1.0.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client (Version: 3.0.8)
Visual Link Spanish Level I v. 4 (Version: 4.6.0000)
VTFEdit 1.3.2
Vuze (Version: 4.6)
WavePad Sound Editor
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Sound Schemes
WinRAR 4.20 (32-bit) (Version: 4.20.0)
WinZip 16.5 (Version: 16.5.10095)
Wondershare Application Center 1.0.0.58 (Version: 1.0.0.58)
XCOM: Enemy Unknown
Xfire (remove only)
 
==================== Restore Points  =========================
 
23-10-2013 06:37:51 Norton 360 Registry Clean
23-10-2013 06:56:47 Windows Update
23-10-2013 16:01:26 Windows Update
23-10-2013 16:04:04 Windows Update
 
==================== Hosts content: ==========================
 
2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {075F7B0C-8858-426A-81EA-5161F4D13E82} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {278C27EB-A44C-4ACA-9D62-D70A5EC66CD4} - System32\Tasks\Norton Security Scan for Patrick => C:\PROGRA~1\NORTON~2\Engine\311~1.6\Nss.exe [2012-10-03] (Symantec Corporation)
Task: {2EF1A2C3-210D-4AFD-BEB7-E51E7FD69C0C} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2FD42AB2-3FC9-4456-A517-52B72526495C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-11] (Google Inc.)
Task: {31E6B20C-E46F-4E0E-BA3E-F99F6DEC16A2} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: {3A950610-5351-4CF3-89BD-526A7E64AA8B} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {5A6D9831-D95C-4713-B4E9-F03D1644498F} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {95EB7A4D-0DAD-4170-AEDC-C0B9D8AE3D30} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1523673819-582981192-2884528013-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9B7DB194-ACBB-488D-9286-032028E57122} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {A8B47EED-1D17-4BC4-8051-7B8FEBEF0656} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {B25D4244-6254-4542-9A54-D5A933EC915A} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {B945FE20-0E76-4826-B335-74C05CC0F122} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28] (Google Inc.)
Task: {C00B680C-377C-4CE2-AC1F-02A52147C9AB} - System32\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba => C:\Program Files\Registry Cleaner Pro\Registry Cleaner Pro.exe
Task: {C313C996-C66F-43B2-BA0D-8C2C69A1C1EB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28] (Google Inc.)
Task: {CE964F7F-0644-449F-B60F-C5B4535F4CFD} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {CF9947D0-68C2-48BC-9087-9287B6B098C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-11] (Google Inc.)
Task: {E70D82C4-4A46-4281-B61F-22CC12E6DE76} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {E7561C5D-1116-4607-829F-2DC5417784A4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1523673819-582981192-2884528013-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {EE4FA612-789C-43D8-AC0D-B3EE8E92ACA6} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: {F33C6EA3-5F3A-45DC-8F25-F4D82D166066} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] ()
Task: {FBD53B80-F285-476D-9A3F-91DFC9875CF2} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2008-01-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core.job => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA.job => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Patrick.job => C:\PROGRA~1\NORTON~2\Engine\311~1.6\Nss.exe
Task: C:\Windows\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe
Task: C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job => C:\Program Files\Registry Cleaner Pro\Registry Cleaner Pro.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-10-18 19:37 - 2010-02-17 18:25 - 00132096 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2011-10-18 19:36 - 2011-02-15 14:15 - 00325632 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
2011-10-18 19:36 - 2011-02-15 14:15 - 01954304 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
2011-10-18 19:36 - 2011-02-15 14:16 - 07187456 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
2011-10-18 19:36 - 2011-02-15 14:15 - 00847360 _____ () C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
2011-10-18 19:36 - 2011-02-15 13:25 - 00119808 _____ () C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2013-06-09 00:32 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll
2011-10-18 19:36 - 2011-04-29 17:55 - 00658432 _____ () C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2011-10-18 19:36 - 2011-04-29 18:30 - 00022944 _____ () C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2013-10-17 22:22 - 2013-10-08 17:02 - 04055504 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-17 22:23 - 2013-10-08 17:02 - 00415184 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-17 22:22 - 2013-10-08 17:01 - 01604560 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-17 22:22 - 2013-10-08 17:01 - 00698832 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-17 22:22 - 2013-10-08 17:01 - 00099792 _____ () C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:2F141B68
AlternateDataStreams: C:\ProgramData\TEMP:32A82570
AlternateDataStreams: C:\ProgramData\TEMP:C72A744C
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584
 
Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584
 
Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/22/2013 02:10:40 PM) (Source: Microsoft-Windows-RestartManager) (User: Patrick-PC)
Description: 0C:\StarCraft II\Versions\Base26490\SC2.exeStarCraft II0111772960
 
Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12261
 
Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12261
 
Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11247
 
Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11247
 
Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (10/23/2013 09:06:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070490Security Update for Windows Vista (KB2378111){B321FBFF-272A-4FAB-AE38-8D88C2FA7C7B}104
 
Error: (10/23/2013 09:06:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070490Update for Windows Vista (KB2345886){BEC4CDFE-9F15-4EF2-8317-95C6DE018424}101
 
Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
 
Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
 
Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
 
Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
 
Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
 
Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
 
Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
 
Error: (10/23/2013 09:04:40 AM) (Source: Microsoft-Windows-Servicing) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB2378111 (Security Update) into Installed(Installed) state
 
 
Microsoft Office Sessions:
=========================
Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584
 
Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584
 
Error: (10/23/2013 02:00:42 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/22/2013 02:10:40 PM) (Source: Microsoft-Windows-RestartManager)(User: Patrick-PC)
Description: 0C:\StarCraft II\Versions\Base26490\SC2.exeStarCraft II0111772960
 
Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12261
 
Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12261
 
Error: (10/21/2013 11:54:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11247
 
Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11247
 
Error: (10/21/2013 11:54:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-10-23 09:55:48.405
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:55:48.283
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:55:48.160
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:55:48.046
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:55:44.249
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:55:44.131
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:55:43.984
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:55:43.848
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131002.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:20:38.124
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-23 09:20:38.013
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 53%
Total physical RAM: 3326.19 MB
Available physical RAM: 1539.36 MB
Total Pagefile: 6869.29 MB
Available Pagefile: 4561.81 MB
Total Virtual: 3071.88 MB
Available Virtual: 2930.36 MB
 
==================== Drives ================================
 
Drive c: (HP_PAVILION) (Fixed) (Total:298.09 GB) (Free:15.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (OFFICE11) (CDROM) (Total:0.39 GB) (Free:0 GB) CDFS
Drive f: (HP) (Fixed) (Total:288.85 GB) (Free:181.56 GB) NTFS
Drive g: (Recovery) (Fixed) (Total:9.24 GB) (Free:0.98 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 788A3B05)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites

Step 1

Please uninstall the following applications:

Ad-Aware Browsing Protection (Version: 1.0.1.124)

Vuze (Version: 4.6)

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open Notepad and select Paste). Save it on the same directory as FRST.exe and save it as fixlist.txt

 

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.

The tool will make a log (Fixlog.txt) please post it to your reply.

Reboot Normally.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • FRST log
Link to post
Share on other sites

Ok, Sorry about that.  

 

JRT log -

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:2)
OS: Windows Vista Ultimate x86
Ran by Patrick on Fri 10/25/2013 at 17:01:52.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pc optimizer pro
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\visualbee
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\supreme savings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\visualbee
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\domaiq uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A86CB93C-AF88-B5FE-F4D9-E79E5C6A4474}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E79867C4-2396-4AF7-8554-7331D9116505}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\Tasks\pc optimizer pro startups.job"
Successfully deleted: [File] "C:\end"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\pc1data"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
Successfully deleted: [Folder] "C:\Users\Patrick\AppData\Roaming\fixcleaner"
Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\big fish"
Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\coupon companion plugin"
Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Patrick\appdata\local\supreme savings"
Successfully deleted: [Folder] "C:\Users\Patrick\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Patrick\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\domaiq uninstaller"
Successfully deleted: [Folder] "C:\Program Files\fixcleaner"
Successfully deleted: [Folder] "C:\bigfishcache"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [blacklisted Policy]
Successfully deleted: [Folder] C:\Users\Patrick\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 10/25/2013 at 17:06:05.97
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
I'm not sure which of these is the correct file, there is no "C:\AdwCleaner[s1].txt" there is AdwCleanerSOtxt.  and AdwCleanerR0.txt
 
 
AdwCleanerS0txt. -
 
 
# AdwCleaner v3.010 - Report created 25/10/2013 at 17:13:52
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista Ultimate Service Pack 2 (32 bits)
# Username : Patrick - PATRICK-PC
# Running from : C:\Users\Patrick\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
File Deleted : C:\Program Files\Mozilla Firefox\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16514
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2011 octets] - [25/10/2013 17:10:29]
AdwCleaner[s0].txt - [1964 octets] - [25/10/2013 17:13:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2024 octets] ##########
 
 
and AdwCleanerr0.txt.-
 
# AdwCleaner v3.010 - Report created 25/10/2013 at 17:10:29
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista Ultimate Service Pack 2 (32 bits)
# Username : Patrick - PATRICK-PC
# Running from : C:\Users\Patrick\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Program Files\Mozilla Firefox\user.js
Folder Found C:\ProgramData\Uniblue\DriverScanner
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem
Key Found : HKLM\Software\InfoAtoms
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16514
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1871 octets] - [25/10/2013 17:10:29]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1931 octets] ##########
 
 
 
and finally, FRST is not making a "Fixlog.txt" from what I can tell.  It just produces this FRST.text in notepad.  
 
this log is here - 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2013 01
Ran by Patrick (administrator) on PATRICK-PC on 26-10-2013 09:00:59
Running from C:\Users\Patrick\Downloads
Microsoft® Windows Vista™ Ultimate  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Nalpeiron Ltd.) C:\Windows\SYSTEM32\astsrv.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\system32\PnkBstrA.exe
(Wondershare) C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-10-30] (Realtek Semiconductor)
HKLM\...\Run: [instaLAN] - C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-04-29] (Affinegy, Inc.)
HKLM\...\Run: [switchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Google Update] - C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-28] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
MountPoints2: {ab67b29b-711e-11e0-9f0e-d69220716e3a} - G:\LaunchU3.exe -a
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D961AEA4714CD01
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
Chrome: 
=======
CHR RestoreOnStartup:       "urls_to_restore_on_startup": null
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (live player) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnoocjdgpaeliplnkbhbpccighjkeef\3.2_0
CHR Extension: (Norton Identity Protection) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [cpoooaodibfldhiobnmnjliddplmekeb] - C:\Users\Patrick\AppData\Local\CRE\cpoooaodibfldhiobnmnjliddplmekeb.crx
CHR HKLM\...\Chrome\Extension: [hcnoocjdgpaeliplnkbhbpccighjkeef] - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lp.crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AffinegyService; C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-04-29] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152064 2010-02-17] ()
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152 2010-02-09] ()
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files\Norton 360\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-08-02] ()
R2 WACService; C:\Program Files\Wondershare\Wondershare Application Center\WACService.exe [103272 2012-11-09] (Wondershare)
 
==================== Drivers (Whitelisted) ====================
 
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131022.001\BHDrvx86.sys [1096280 2013-10-22] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-26] (Symantec Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\dddsk.sys [22312 2009-02-12] (EldoS Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-26] (Symantec Corporation)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20131025.001\IDSvix86.sys [393816 2013-10-16] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-17] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131025.009\NAVENG.SYS [93272 2013-08-28] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131025.009\NAVEX15.SYS [1612376 2013-08-28] (Symantec Corporation)
S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [40560 2010-04-15] (Belcarra Technologies)
R3 SRTSP; C:\Windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [603224 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [247320 2009-06-22] (silex technology, Inc.)
R0 SymDS; C:\Windows\System32\drivers\N360\1404000.028\SYMDS.SYS [367704 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1404000.028\SYMEFA.SYS [934488 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1404000.028\Ironx86.SYS [175264 2013-03-04] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1404000.028\SYMTDIV.SYS [352344 2013-04-24] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [14416 2012-11-13] (OpenLibSys.org)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-20] (Microsoft Corporation)
S3 EagleNT; No ImagePath
S3 EagleXNt; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 XDva386; No ImagePath
S3 XDva389; No ImagePath
S3 XDva401; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-10-26 08:59 - 2013-10-26 08:59 - 00039329 _____ C:\Users\Patrick\Downloads\FRST (1).txt
2013-10-26 08:57 - 2013-10-26 08:57 - 01089001 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe
2013-10-26 08:49 - 2013-10-26 08:49 - 00002104 _____ C:\Users\Patrick\Downloads\AdwCleanerS0.txt
2013-10-26 08:49 - 2013-10-26 08:49 - 00002011 _____ C:\Users\Patrick\Downloads\AdwCleanerR0.txt
2013-10-26 08:46 - 2013-10-26 08:46 - 00006342 _____ C:\Users\Patrick\Downloads\JRT.txt
2013-10-25 17:21 - 2013-10-26 09:00 - 00000076 _____ C:\Users\Patrick\Downloads\fixlist.txt
2013-10-25 17:20 - 2013-10-25 17:20 - 00000136 _____ C:\Users\Patrick\fixlist.txt
2013-10-25 17:10 - 2013-10-25 17:14 - 00000000 ____D C:\AdwCleaner
2013-10-25 17:09 - 2013-10-25 17:09 - 01060070 _____ C:\Users\Patrick\Downloads\AdwCleaner.exe
2013-10-25 17:08 - 2013-10-25 17:08 - 01813288 _____ (Express Install       ) C:\Users\Patrick\Downloads\Setup.exe
2013-10-25 17:06 - 2013-10-25 17:06 - 00006342 _____ C:\Users\Patrick\Desktop\JRT.txt
2013-10-25 16:57 - 2013-10-25 16:57 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 16:48 - 2013-10-25 16:48 - 01033335 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe
2013-10-23 09:56 - 2013-10-23 09:56 - 00025255 _____ C:\Users\Patrick\Downloads\Addition.txt
2013-10-23 09:54 - 2013-10-23 09:54 - 00000000 ____D C:\FRST
2013-10-23 09:27 - 2013-10-23 09:27 - 00016338 _____ C:\Users\Patrick\Desktop\dds.txt
2013-10-23 09:27 - 2013-10-23 09:27 - 00011035 _____ C:\Users\Patrick\Desktop\attach.txt
2013-10-23 09:25 - 2013-10-23 09:25 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.scr
2013-10-23 00:18 - 2013-10-23 00:21 - 00000000 ____D C:\Windows\system32\MRT
2013-10-23 00:11 - 2013-09-22 03:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-23 00:11 - 2013-09-22 03:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-23 00:11 - 2013-09-22 03:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-23 00:11 - 2013-09-22 03:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-23 00:11 - 2013-09-22 03:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-23 00:11 - 2013-09-22 03:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-23 00:11 - 2013-09-22 03:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-23 00:11 - 2013-09-22 03:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-23 00:11 - 2013-09-22 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-23 00:11 - 2013-09-22 03:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-23 00:11 - 2013-09-22 03:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-23 00:11 - 2013-09-22 03:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-23 00:11 - 2013-09-22 03:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-23 00:11 - 2013-09-22 03:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-23 00:11 - 2013-09-22 03:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-23 00:11 - 2013-09-22 02:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-22 23:56 - 2013-08-26 19:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-22 23:56 - 2013-08-26 19:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-22 23:56 - 2013-08-26 19:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-22 23:56 - 2013-08-26 19:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-22 23:56 - 2013-08-26 18:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-22 23:56 - 2013-08-26 18:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-22 23:56 - 2013-08-26 18:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-22 23:56 - 2013-08-26 18:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-22 23:56 - 2013-08-26 18:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-22 23:55 - 2013-08-29 00:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-22 23:55 - 2013-08-01 21:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-22 23:55 - 2013-07-31 20:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-22 23:55 - 2013-07-31 19:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-22 23:55 - 2013-07-20 03:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-22 23:55 - 2013-07-17 12:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-10-22 23:55 - 2013-07-15 21:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-10-22 23:55 - 2013-07-10 02:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-10-22 23:55 - 2013-07-09 05:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-22 23:55 - 2013-07-07 21:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-10-22 23:55 - 2013-07-07 21:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-22 23:55 - 2013-07-04 20:20 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-22 23:55 - 2013-07-04 18:43 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-10-22 23:55 - 2013-06-28 19:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-22 23:55 - 2013-06-28 19:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-22 23:55 - 2013-06-28 19:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-22 23:55 - 2013-06-28 19:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-22 23:55 - 2013-06-15 06:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-10-22 23:55 - 2013-06-15 04:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-10-22 23:55 - 2013-05-01 21:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-10-22 23:55 - 2013-05-01 21:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-10-22 23:55 - 2013-04-23 21:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-10-22 23:55 - 2013-04-23 18:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-10-22 23:55 - 2013-03-03 12:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-10-22 23:55 - 2011-05-05 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-22 23:55 - 2011-05-05 06:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-22 23:54 - 2013-06-26 16:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-22 23:54 - 2013-04-17 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-10-22 23:51 - 2013-07-03 21:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-22 23:51 - 2013-07-02 19:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-22 23:51 - 2013-06-03 21:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-22 23:51 - 2013-06-03 18:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-22 23:50 - 2013-05-31 21:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-10-22 23:48 - 2013-07-07 21:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-10-22 23:48 - 2013-07-07 21:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-10-22 23:48 - 2013-07-07 21:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-10-22 23:48 - 2013-07-07 21:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-10-22 23:06 - 2013-10-25 17:15 - 00020040 _____ C:\Windows\PFRO.log
2013-10-22 22:53 - 2013-10-22 22:53 - 00004112 _____ C:\{5BA4C780-048B-48BB-B16B-A4B689A7A42A}
2013-10-22 16:49 - 2013-10-22 16:49 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-22 16:49 - 2013-10-22 16:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-22 16:49 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-22 16:46 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-10-22 16:45 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-22 15:53 - 2013-10-22 15:53 - 00365546 _____ C:\Users\Patrick\Documents\cc_20131022_155305.reg
2013-10-22 15:33 - 2013-10-22 15:33 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\CCleaner
2013-10-22 15:29 - 2013-10-22 15:29 - 04369632 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup406.exe
2013-10-22 15:08 - 2013-10-22 15:07 - 05403344 _____ (PC Cleaners) C:\ProgramData\pclunst.exe
2013-10-22 15:03 - 2013-10-22 23:06 - 00000370 _____ C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job
2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry_Cleaner_Pro
2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry Cleaner Pro
2013-10-22 15:00 - 2013-10-22 15:00 - 00894600 _____ (CNET Download.com) C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe
2013-10-22 14:56 - 2013-10-22 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LavasoftStatistics
2013-10-22 14:36 - 2013-10-22 16:00 - 00000000 ____D C:\Program Files\Lavasoft
2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SecureSearch
2013-10-22 14:34 - 2013-10-22 14:34 - 00000000 ____D C:\ProgramData\Lavasoft
2013-10-22 14:33 - 2013-10-22 14:33 - 01724552 _____ C:\Users\Patrick\Downloads\Adaware_Installer.exe
2013-10-22 10:52 - 2013-10-25 10:22 - 00000000 ____D C:\Users\Patrick\Desktop\DriversEd
2013-10-20 09:40 - 2013-10-22 22:50 - 00000000 ____D C:\a
2013-10-20 09:39 - 2013-10-20 09:39 - 00619911 _____ C:\Users\Patrick\Downloads\HDvideo-v4.exe
2013-10-20 09:31 - 2013-10-20 09:32 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe
2013-10-17 18:19 - 2013-10-17 18:19 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe
2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\05.wmv
2013-10-10 18:44 - 2013-10-10 18:44 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe
2013-10-09 08:17 - 2013-10-09 08:17 - 00000068 _____ C:\Windows\system32\ttt.bat
2013-10-07 18:41 - 2013-10-07 18:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe
2013-10-06 14:25 - 2013-10-06 14:25 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe
2013-10-06 14:03 - 2013-10-06 14:03 - 00743634 _____ C:\Users\Patrick\Downloads\steak___kidney_pie.bmp
2013-10-06 10:53 - 2013-10-06 10:53 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe
2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uPlayer
2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer
2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Program Files\uPlayer
2013-10-06 10:42 - 2013-10-20 09:43 - 20914176 _____ C:\Users\Patrick\Downloads\uPlayer.msi
2013-10-06 10:41 - 2013-10-06 10:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe
2013-10-05 14:34 - 2013-10-05 14:34 - 00002093 _____ C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2013-10-05 14:15 - 2013-10-05 14:15 - 00002021 _____ C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
2013-10-04 21:22 - 2013-10-04 21:22 - 00000000 ____D C:\Users\Patrick\Documents\Electronic Arts
2013-10-04 21:18 - 2013-10-04 21:18 - 00002080 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk
2013-10-04 21:18 - 2013-10-04 21:15 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll
 
==================== One Month Modified Files and Folders =======
 
2013-10-26 09:00 - 2013-10-25 17:21 - 00000076 _____ C:\Users\Patrick\Downloads\fixlist.txt
2013-10-26 08:59 - 2013-10-26 08:59 - 00039329 _____ C:\Users\Patrick\Downloads\FRST (1).txt
2013-10-26 08:57 - 2013-10-26 08:57 - 01089001 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe
2013-10-26 08:57 - 2011-04-27 15:28 - 00001356 _____ C:\Users\Patrick\AppData\Local\d3d9caps.dat
2013-10-26 08:52 - 2011-05-11 14:23 - 00000000 ____D C:\Program Files\Steam
2013-10-26 08:49 - 2013-10-26 08:49 - 00002104 _____ C:\Users\Patrick\Downloads\AdwCleanerS0.txt
2013-10-26 08:49 - 2013-10-26 08:49 - 00002011 _____ C:\Users\Patrick\Downloads\AdwCleanerR0.txt
2013-10-26 08:46 - 2013-10-26 08:46 - 00006342 _____ C:\Users\Patrick\Downloads\JRT.txt
2013-10-26 08:41 - 2013-02-26 18:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-26 08:41 - 2011-04-28 12:07 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA.job
2013-10-26 08:37 - 2011-06-11 02:22 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-26 08:24 - 2009-04-11 05:38 - 01336139 _____ C:\Windows\WindowsUpdate.log
2013-10-26 08:21 - 2011-06-11 02:22 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-26 08:21 - 2006-11-02 06:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-26 08:21 - 2006-11-02 05:46 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-26 08:21 - 2006-11-02 05:46 - 00003760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-25 23:30 - 2006-11-02 06:00 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-25 17:20 - 2013-10-25 17:20 - 00000136 _____ C:\Users\Patrick\fixlist.txt
2013-10-25 17:20 - 2011-04-27 15:28 - 00000000 ____D C:\Users\Patrick
2013-10-25 17:15 - 2013-10-22 23:06 - 00020040 _____ C:\Windows\PFRO.log
2013-10-25 17:14 - 2013-10-25 17:10 - 00000000 ____D C:\AdwCleaner
2013-10-25 17:13 - 2013-03-22 07:35 - 00000000 ____D C:\ProgramData\Uniblue
2013-10-25 17:13 - 2012-06-05 15:40 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-25 17:09 - 2013-10-25 17:09 - 01060070 _____ C:\Users\Patrick\Downloads\AdwCleaner.exe
2013-10-25 17:08 - 2013-10-25 17:08 - 01813288 _____ (Express Install       ) C:\Users\Patrick\Downloads\Setup.exe
2013-10-25 17:06 - 2013-10-25 17:06 - 00006342 _____ C:\Users\Patrick\Desktop\JRT.txt
2013-10-25 16:57 - 2013-10-25 16:57 - 00000000 ____D C:\Windows\ERUNT
2013-10-25 16:48 - 2013-10-25 16:48 - 01033335 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe
2013-10-25 10:22 - 2013-10-22 10:52 - 00000000 ____D C:\Users\Patrick\Desktop\DriversEd
2013-10-25 09:42 - 2011-04-28 12:07 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core.job
2013-10-25 08:50 - 2006-11-02 03:33 - 01614504 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-24 17:05 - 2011-06-11 05:48 - 00000406 ____H C:\Windows\Tasks\Norton Security Scan for Patrick.job
2013-10-24 09:52 - 2013-03-22 07:40 - 00000000 ____D C:\Users\Patrick\AppData\Local\CrashDumps
2013-10-23 15:10 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-23 09:56 - 2013-10-23 09:56 - 00025255 _____ C:\Users\Patrick\Downloads\Addition.txt
2013-10-23 09:54 - 2013-10-23 09:54 - 00000000 ____D C:\FRST
2013-10-23 09:27 - 2013-10-23 09:27 - 00016338 _____ C:\Users\Patrick\Desktop\dds.txt
2013-10-23 09:27 - 2013-10-23 09:27 - 00011035 _____ C:\Users\Patrick\Desktop\attach.txt
2013-10-23 09:25 - 2013-10-23 09:25 - 00688992 ____R (Swearware) C:\Users\Patrick\Downloads\dds.scr
2013-10-23 09:12 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2013-10-23 08:50 - 2006-11-02 05:46 - 03714840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-23 08:49 - 2012-11-06 13:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-23 08:47 - 2006-11-02 05:35 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-10-23 08:47 - 2006-11-02 05:35 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-23 00:34 - 2006-11-02 03:23 - 00000240 _____ C:\Windows\win.ini
2013-10-23 00:21 - 2013-10-23 00:18 - 00000000 ____D C:\Windows\system32\MRT
2013-10-22 23:49 - 2011-04-27 15:28 - 00079008 _____ C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-22 23:09 - 2012-03-12 12:18 - 00000000 ____D C:\Users\Patrick\Desktop\MoreGames
2013-10-22 23:06 - 2013-10-22 15:03 - 00000370 _____ C:\Windows\Tasks\Registry Cleaner Pro_scan_schedule_task_18753e58-de90-4174-9af0-be42759826ba.job
2013-10-22 23:06 - 2011-05-03 08:22 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment
2013-10-22 22:53 - 2013-10-22 22:53 - 00004112 _____ C:\{5BA4C780-048B-48BB-B16B-A4B689A7A42A}
2013-10-22 22:50 - 2013-10-20 09:40 - 00000000 ____D C:\a
2013-10-22 16:49 - 2013-10-22 16:49 - 00000917 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-22 16:49 - 2013-10-22 16:49 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-22 16:46 - 2013-10-22 16:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-10-22 16:46 - 2013-10-22 16:45 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Patrick\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-22 16:10 - 2012-07-19 09:06 - 00000002 _____ C:\Windows\system32\HRUPPROG.TXT
2013-10-22 16:07 - 2013-01-13 10:34 - 00000000 ____D C:\Users\Patrick\Documents\Silo Data
2013-10-22 16:00 - 2013-10-22 14:36 - 00000000 ____D C:\Program Files\Lavasoft
2013-10-22 15:53 - 2013-10-22 15:53 - 00365546 _____ C:\Users\Patrick\Documents\cc_20131022_155305.reg
2013-10-22 15:48 - 2011-05-09 16:07 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Vso
2013-10-22 15:47 - 2013-05-08 09:18 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client
2013-10-22 15:47 - 2012-12-23 12:26 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Ventrilo
2013-10-22 15:47 - 2011-05-09 08:04 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Azureus
2013-10-22 15:37 - 2013-05-05 07:31 - 00000000 ____D C:\Windows\Minidump
2013-10-22 15:37 - 2011-04-27 16:15 - 00000000 ____D C:\Windows\Panther
2013-10-22 15:33 - 2013-10-22 15:33 - 00000815 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-22 15:33 - 2013-10-22 15:33 - 00000000 ____D C:\Program Files\CCleaner
2013-10-22 15:29 - 2013-10-22 15:29 - 04369632 _____ (Piriform Ltd) C:\Users\Patrick\Downloads\ccsetup406.exe
2013-10-22 15:07 - 2013-10-22 15:08 - 05403344 _____ (PC Cleaners) C:\ProgramData\pclunst.exe
2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry_Cleaner_Pro
2013-10-22 15:03 - 2013-10-22 15:03 - 00000000 ____D C:\Users\Patrick\AppData\Local\Registry Cleaner Pro
2013-10-22 15:00 - 2013-10-22 15:00 - 00894600 _____ (CNET Download.com) C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe
2013-10-22 14:56 - 2013-10-22 14:56 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\LavasoftStatistics
2013-10-22 14:36 - 2013-10-22 14:36 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\SecureSearch
2013-10-22 14:34 - 2013-10-22 14:34 - 00000000 ____D C:\ProgramData\Lavasoft
2013-10-22 14:33 - 2013-10-22 14:33 - 01724552 _____ C:\Users\Patrick\Downloads\Adaware_Installer.exe
2013-10-20 09:43 - 2013-10-06 10:42 - 20914176 _____ C:\Users\Patrick\Downloads\uPlayer.msi
2013-10-20 09:39 - 2013-10-20 09:39 - 00619911 _____ C:\Users\Patrick\Downloads\HDvideo-v4.exe
2013-10-20 09:32 - 2013-10-20 09:31 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe
2013-10-17 22:25 - 2012-07-13 09:02 - 00002063 _____ C:\Users\Patrick\Desktop\Google Chrome.lnk
2013-10-17 18:19 - 2013-10-17 18:19 - 00589528 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe
2013-10-12 19:08 - 2011-05-08 12:17 - 00000000 ____D C:\Users\Patrick\Desktop\New Folder
2013-10-12 17:23 - 2011-05-03 08:31 - 00000000 ____D C:\Users\Patrick\Documents\StarCraft II
2013-10-11 10:21 - 2013-10-11 10:21 - 01173497 _____ C:\Users\Patrick\Downloads\05.wmv
2013-10-10 18:44 - 2013-10-10 18:44 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe
2013-10-09 08:17 - 2013-10-09 08:17 - 00000068 _____ C:\Windows\system32\ttt.bat
2013-10-09 07:41 - 2013-02-26 18:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 07:41 - 2012-07-25 12:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 18:41 - 2013-10-07 18:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe
2013-10-06 14:26 - 2010-07-27 08:02 - 00000000 ____D C:\StarCraft II
2013-10-06 14:25 - 2013-10-06 14:25 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe
2013-10-06 14:03 - 2013-10-06 14:03 - 00743634 _____ C:\Users\Patrick\Downloads\steak___kidney_pie.bmp
2013-10-06 10:53 - 2013-10-06 10:53 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe
2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uPlayer
2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer
2013-10-06 10:43 - 2013-10-06 10:43 - 00000000 ____D C:\Program Files\uPlayer
2013-10-06 10:41 - 2013-10-06 10:41 - 00590496 _____ C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe
2013-10-05 14:34 - 2013-10-05 14:34 - 00002093 _____ C:\Users\Public\Desktop\The Sims™ 3 Late Night.lnk
2013-10-05 14:34 - 2011-04-27 15:47 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-05 14:26 - 2011-09-17 19:11 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-10-05 14:15 - 2013-10-05 14:15 - 00002021 _____ C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
2013-10-05 14:11 - 2013-08-14 14:54 - 00000000 ____D C:\Program Files\Origin Games
2013-10-05 14:04 - 2011-07-28 22:39 - 00000000 ____D C:\Program Files\Origin
2013-10-04 21:22 - 2013-10-04 21:22 - 00000000 ____D C:\Users\Patrick\Documents\Electronic Arts
2013-10-04 21:18 - 2013-10-04 21:18 - 00002080 _____ C:\Users\Public\Desktop\The Sims™ 3.lnk
2013-10-04 21:15 - 2013-10-04 21:18 - 00447752 _____ (On2.com) C:\Windows\system32\vp6vfw.dll
2013-09-26 02:19 - 2006-11-02 03:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
 
Files to move or delete:
====================
C:\ProgramData\.glInit02.dat
C:\ProgramData\pclunst.exe
C:\Users\Patrick\APB_Reloaded_Installer.exe
C:\Users\Patrick\Fallen_Earth_20110728.exe
 
 
Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-10-26 08:27
 
==================== End Of Log ============================
 
as always, Thank you very much for your time, help, and patience.
 
Patrick
Link to post
Share on other sites

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

ComboFix 13-11-01.03 - Patrick 11/02/2013  11:10:08.1.4 - x86

Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.1.1033.18.3326.2192 [GMT -7:00]

Running from: c:\users\Patrick\Desktop\ComboFix.exe

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Patrick\AppData\Local\Temp\1.tmp\F_IN_BOX.dll

c:\users\Patrick\AppData\Roaming\vso_ts_preview.xml

c:\windows\system32\c.bat

c:\windows\system32\drivers\etc\lmhosts

c:\windows\system32\v.vbs

.

.

(((((((((((((((((((((((((   Files Created from 2013-10-02 to 2013-11-02  )))))))))))))))))))))))))))))))

.

.

2013-11-02 18:23 . 2013-11-02 18:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-11-02 18:23 . 2013-11-02 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-10-30 14:44 . 2013-10-30 14:44 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-10-26 00:10 . 2013-10-26 00:14 -------- d-----w- C:\AdwCleaner

2013-10-25 23:57 . 2013-10-25 23:57 -------- d-----w- c:\windows\ERUNT

2013-10-23 16:54 . 2013-10-23 16:54 -------- d-----w- C:\FRST

2013-10-23 07:18 . 2013-10-23 07:21 -------- d-----w- c:\windows\system32\MRT

2013-10-23 06:56 . 2013-08-27 02:47 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2013-10-23 06:56 . 2013-08-27 02:47 189952 ----a-w- c:\windows\system32\d3d10core.dll

2013-10-23 06:56 . 2013-08-27 02:47 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2013-10-23 06:56 . 2013-08-27 02:47 1029120 ----a-w- c:\windows\system32\d3d10.dll

2013-10-23 06:56 . 2013-08-27 01:52 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2013-10-23 06:56 . 2013-08-27 01:50 486400 ----a-w- c:\windows\system32\d3d10level9.dll

2013-10-23 06:56 . 2013-08-27 01:32 683008 ----a-w- c:\windows\system32\d2d1.dll

2013-10-23 06:56 . 2013-08-27 01:28 1069056 ----a-w- c:\windows\system32\DWrite.dll

2013-10-23 06:56 . 2013-08-27 01:28 798208 ----a-w- c:\windows\system32\FntCache.dll

2013-10-23 06:54 . 2013-06-26 23:01 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2013-10-23 06:54 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll

2013-10-23 06:51 . 2013-07-04 04:21 532480 ----a-w- c:\windows\system32\comctl32.dll

2013-10-23 06:51 . 2013-07-03 02:10 25472 ----a-w- c:\windows\system32\drivers\hidparse.sys

2013-10-23 06:51 . 2013-06-04 04:16 34304 ----a-w- c:\windows\system32\atmlib.dll

2013-10-23 06:51 . 2013-06-04 01:49 293376 ----a-w- c:\windows\system32\atmfd.dll

2013-10-23 06:50 . 2013-06-01 04:06 505344 ----a-w- c:\windows\system32\qedit.dll

2013-10-23 06:49 . 2013-04-09 03:52 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2013-10-23 06:49 . 2013-04-09 03:51 983552 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2013-10-23 06:49 . 2013-04-09 03:51 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2013-10-23 06:49 . 2013-04-09 03:51 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2013-10-23 06:48 . 2013-07-08 04:16 992768 ----a-w- c:\windows\system32\crypt32.dll

2013-10-23 06:48 . 2013-07-08 04:20 172544 ----a-w- c:\windows\system32\wintrust.dll

2013-10-23 06:48 . 2013-07-08 04:16 98304 ----a-w- c:\windows\system32\cryptnet.dll

2013-10-23 06:48 . 2013-07-08 04:16 133120 ----a-w- c:\windows\system32\cryptsvc.dll

2013-10-22 23:49 . 2013-10-22 23:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-10-22 23:49 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-10-22 22:33 . 2013-10-22 22:33 -------- d-----w- c:\program files\CCleaner

2013-10-22 22:08 . 2013-10-22 22:07 5403344 ----a-w- c:\programdata\pclunst.exe

2013-10-22 22:03 . 2013-10-22 22:03 -------- d-----w- c:\users\Patrick\AppData\Local\Registry_Cleaner_Pro

2013-10-22 22:03 . 2013-10-22 22:03 -------- d-----w- c:\users\Patrick\AppData\Local\Registry Cleaner Pro

2013-10-22 21:56 . 2013-10-22 21:56 -------- d-----w- c:\users\Patrick\AppData\Roaming\LavasoftStatistics

2013-10-22 21:36 . 2013-10-22 21:36 -------- d-----w- c:\users\Patrick\AppData\Roaming\SecureSearch

2013-10-22 21:36 . 2013-10-22 23:00 -------- d-----w- c:\program files\Lavasoft

2013-10-22 21:34 . 2013-10-22 21:34 -------- d-----w- c:\programdata\Lavasoft

2013-10-20 16:40 . 2013-10-23 05:50 -------- d-----w- C:\a

2013-10-09 15:17 . 2013-10-09 15:17 68 ----a-w- c:\windows\system32\ttt.bat

2013-10-06 17:43 . 2013-10-06 17:43 -------- d-----w- c:\users\Patrick\AppData\Roaming\uPlayer

2013-10-06 17:43 . 2013-10-06 17:43 -------- d-----w- c:\program files\uPlayer

2013-10-05 04:18 . 2013-10-05 04:15 447752 ----a-w- c:\windows\system32\vp6vfw.dll

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-10-16 08:20 . 2013-11-01 09:04 7796464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{96F22B8B-B49C-4F12-965E-F3061E6ABE15}\mpengine.dll

2013-10-09 14:41 . 2013-02-27 01:44 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-10-09 14:41 . 2012-07-25 19:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-09-21 17:23 . 2013-09-21 17:24 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-09-21 17:23 . 2013-09-21 17:24 868264 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-09-21 17:23 . 2011-06-07 00:13 790440 ----a-w- c:\windows\system32\deployJava1.dll

2013-09-12 08:51 . 2013-09-21 17:34 53024 ----a-w- c:\windows\system32\OpenCL.dll

2013-09-12 08:51 . 2013-09-21 17:31 22102304 ----a-w- c:\windows\system32\nvoglv32.dll

2013-09-12 08:51 . 2013-09-21 17:31 2007328 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-09-12 08:51 . 2013-09-21 17:31 17560352 ----a-w- c:\windows\system32\nvcompiler.dll

2013-09-12 08:51 . 2013-09-21 17:31 9253664 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2013-09-12 08:51 . 2013-09-21 17:31 893728 ----a-w- c:\windows\system32\nvdispgenco3232723.dll

2013-09-12 08:51 . 2013-09-21 17:31 7720576 ----a-w- c:\windows\system32\nvcuda.dll

2013-09-12 08:51 . 2013-09-21 17:31 6329552 ----a-w- c:\windows\system32\nvopencl.dll

2013-09-12 08:51 . 2013-09-21 17:31 2789152 ----a-w- c:\windows\system32\nvcuvid.dll

2013-09-12 08:51 . 2013-09-21 17:31 2630304 ----a-w- c:\windows\system32\nvapi.dll

2013-09-12 08:51 . 2013-09-21 17:31 13628208 ----a-w- c:\windows\system32\nvwgf2um.dll

2013-09-12 08:51 . 2013-09-21 17:31 12947360 ----a-w- c:\windows\system32\nvd3dum.dll

2013-09-12 08:51 . 2013-09-21 17:31 1049376 ----a-w- c:\windows\system32\nvdispco3232723.dll

2013-09-12 06:28 . 2013-09-21 17:34 4265760 ----a-w- c:\windows\system32\nvcpl.dll

2013-09-12 06:28 . 2013-09-21 17:34 3006240 ----a-w- c:\windows\system32\nvsvc.dll

2013-09-12 06:28 . 2013-09-21 17:34 662816 ----a-w- c:\windows\system32\nvvsvc.exe

2013-09-12 06:28 . 2013-09-21 17:34 62752 ----a-w- c:\windows\system32\nvshext.dll

2013-09-12 06:28 . 2013-09-21 17:34 209184 ----a-w- c:\windows\system32\nvmctray.dll

2013-09-03 21:35 . 2011-04-27 23:18 238872 ------w- c:\windows\system32\MpSigStub.exe

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208]

"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-04-30 1770400]

"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer9"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk

backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk

backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-11-10 19:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2013-02-13 02:37 1263952 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-04-28 19:07 136176 ----atw- c:\users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]

2007-10-12 03:01 46368 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]

2007-10-12 03:03 29984 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]

2007-08-31 17:01 328992 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

2007-10-11 03:04 1826816 ----a-w- c:\windows\SkyTel.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-10-25 17:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

2013-10-30 19:25 1820584 ----a-w- c:\program files\Steam\Steam.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2013-07-02 16:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]

2008-04-12 00:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]

2008-08-28 17:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-27 14:41]

.

2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-11 09:21]

.

2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-11 09:21]

.

2013-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000Core.job

- c:\users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28 19:07]

.

2013-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1523673819-582981192-2884528013-1000UA.job

- c:\users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-28 19:07]

.

2013-11-02 c:\windows\Tasks\Norton Security Scan for Patrick.job

- c:\progra~1\NORTON~2\Engine\311~1.6\Nss.exe [2011-06-11 10:30]

.

.

------- Supplementary Scan -------

.


uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 192.168.2.1

.

- - - - ORPHANS REMOVED - - - -

.

HKCU-Run-AdobeBridge - (no file)

SafeBoot-WudfPf

SafeBoot-WudfRd

MSConfigStartUp-GenieoSystemTray - c:\users\Patrick\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe

MSConfigStartUp-GenieoUpdaterService - c:\users\Patrick\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe

MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe

MSConfigStartUp-TkBellExe - c:\program files\Real\RealPlayer\Update\realsched.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-11-02 11:27

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...  

.

scanning hidden autostart entries ... 

.

scanning hidden files ...  

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]

"ImagePath"="\"c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1523673819-582981192-2884528013-1000\Software\SecuROM\License information*]

"datasecu"=hex:d3,3b,38,50,b7,3e,9e,b1,d0,2e,c5,44,d7,6c,dd,ea,d2,60,60,22,0d,

   88,4b,3c,34,c9,31,13,c1,fe,d0,30,8c,67,b8,55,52,f5,48,ba,b5,4f,fb,89,d7,e6,\

"rkeysecu"=hex:2a,7b,49,4b,ef,34,45,24,3f,fb,0e,ad,3e,6f,9b,8c

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\program files\NVIDIA Corporation\Display\nvxdsync.exe

c:\windows\system32\nvvsvc.exe

c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\SYSTEM32\astsrv.exe

c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Hi-Rez Studios\HiPatchService.exe

c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe

c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe

c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\Wondershare\Wondershare Application Center\WACService.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\system32\DRIVERS\xaudio.exe

c:\windows\servicing\TrustedInstaller.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\RtHDVCpl.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\Belkin\Belkin USB Print and Storage Center\connect.exe

c:\program files\Belkin\Router Setup and Monitor\BelkinSetup.exe

c:\program files\NVIDIA Corporation\Display\nvtray.exe

c:\windows\system32\DllHost.exe

.

**************************************************************************

.

Completion time: 2013-11-02  11:30:55 - machine was rebooted

ComboFix-quarantined-files.txt  2013-11-02 18:30

.

Pre-Run: 15,016,169,472 bytes free

Post-Run: 17,776,209,920 bytes free

.

- - End Of File - - F3763F7836B54E201760580C481E87DC

5C616939100B85E558DA92B899A0FC36
Link to post
Share on other sites

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

F:\Users\Patrick\My Documents\Vuze Downloads\AUTODESK.MAYA.V2013.WIN32-ISO-on\maya2013_x32.rar a variant of Win32/Keygen.HA application

C:\a\uplayermediaplayer-setup.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Documents\Vuze Downloads\AUTODESK.MAYA.V2013.WIN32-ISO-on\maya2013_x32.rar a variant of Win32/Keygen.HA application deleted - quarantined

C:\Users\Patrick\Downloads\cbsidlm-cbsi134-Registry_Cleaner_Pro-SEO-75610808.exe probably a variant of Win32/CNETInstaller.A application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\cbsidlm-tr1_10a-Ghost_Mouse_Auto_Clicker-SEO-75322043.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\flashupdate.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\HDvideo-v4.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\reginout_setup.exe multiple threats cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\Setup.exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\uplayermediaplayer-setup (1).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\uplayermediaplayer-setup (2).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\uplayermediaplayer-setup (3).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\uplayermediaplayer-setup (4).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\uplayermediaplayer-setup (5).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\uplayermediaplayer-setup (6).exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

C:\Users\Patrick\Downloads\uplayermediaplayer-setup.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined

F:\Users\Patrick\Documents\Downloads\RingtoneExpressionsSetup.exe a variant of Win32/Induc.A virus cleaned by deleting - quarantined

F:\Users\Patrick\Documents\Downloads\SoftonicDownloader30277.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
Link to post
Share on other sites

Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.

Click the cog in the upper right corner:

AVPfront.gif

Select down to and including your main drive.

Once done please select the Automatic Scan tab and press Start Scan.

avpsettings.gif

Allow AVP to delete all infections found.

Once it has finished select the Report tab.

Select the Detected threats report from the left and press the Save button.

Save it to your Desktop and post the contents in your next reply.

Link to post
Share on other sites

That link keeps leading to a dead end 404 page. after digging around on that site I found this page - 

 

http://www.kaspersky.com/antivirus-removal-tool?form=1

 

I downloaded - Version 11 (11.0.0.1245) english version, and tried to install it, but it keeps failing the install and says to reboot the computer and try again.  I did that numerous times with no luck.

Link to post
Share on other sites

this ran in safemode and found one threat from what I saw while it was about 50% through, then it closed down when it finished I believe.  I selected delete the threat when it came up.  Now I do not know where to find the report, and I still am having the same issues since the very beginning.  

 

As always I really appreciate your help.

 

Thank you, patrick

Link to post
Share on other sites

I reset chrome and was still having the same problem.  I un-installed chrome and re-installed, and now everything seems to be working normally.  I will update in a day or two if any problems arise, but otherwise I am going to consider this a "Problem Solved!"

 

Thank you so very much for your help Maniac, I sincerely appreciate you donating your time to helping me and people like me with these problems.  Malware / adware / whatever is a really annoying and tricky problem to tackle, and the world is a better place for having people like you helping out.  As I mentioned before, I am currently not working but will be starting two part time jobs in the coming weeks.  I promise I will be buying Malwarebytes and sending a small donation your way via paypal in the near future.  Until then, I hope that my thanks and praise can be accepted. 

 

Thank you again!

 

Patrick

Link to post
Share on other sites

Thank you very much, Patrick! You are welcome! :)

Some final steps:

Step 1

  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Please uninstall ESET Online Scanner and manually delete Kaspersky AVP .

Step 4

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites

  • 5 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.