Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

Cannot access internet after removing viruses

Jan 21, 2015 12:27PM PST

So I said to my buddy, sure I'll fix your laptop for you because he was complaining about viruses and adds everywhere.

So I downloaded MalwareBytes and did a scan, and removed all 2200 virus' and 8 where indeed Trojans.

Then I go onto Chrome to see if its fixed and of course it wouldnt let me access the internet. I googled it and tried a few things but nothing seems to work...

I would greatly appriciate some help as my pal thinks I've now broke his laptop Silly


I will attach a FRST log to help but I also will sit and refresh this page every 10minutes so I can respond ASAP.


FRST LOG:

<span id="INSERTION_MARKER">Farbar Service Scanner Version: 17-01-2015Ran by Joshy poo! (administrator) on 22-01-2015 at 01:44:16Running from "E:\"Microsoft Windows 8 (X64)Boot Mode: Normal****************************************************************Internet Services:============Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Yahoo.com is accessible.Windows Firewall:=============Firewall Disabled Policy: ==================System Restore:============System Restore Policy: ========================Action Center:============Windows Update:============wuauserv Service is not running. Checking service configuration:The start type of wuauserv service is OK.The ImagePath of wuauserv service is OK.The ServiceDll of wuauserv service is OK.Windows Autoupdate Disabled Policy: ============================Windows Defender:==============WinDefend Service is not running. Checking service configuration:The start type of WinDefend service is set to Demand. The default start type is Auto.The ImagePath of WinDefend service is OK.Windows Defender Disabled Policy: ==========================[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]"DisableAntiSpyware"=DWORD:1Other Services:==============File Check:========C:\Windows\System32\nsisvc.dll => File is digitally signedC:\Windows\System32\drivers\nsiproxy.sys => File is digitally signedC:\Windows\System32\dhcpcore.dll => File is digitally signedC:\Windows\System32\drivers\afd.sys => File is digitally signedC:\Windows\System32\drivers\tdx.sys => File is digitally signedC:\Windows\System32\Drivers\tcpip.sys => File is digitally signedC:\Windows\System32\dnsrslvr.dll => File is digitally signedC:\Windows\System32\mpssvc.dll => File is digitally signedC:\Windows\System32\bfe.dll => File is digitally signedC:\Windows\System32\drivers\mpsdrv.sys => File is digitally signedC:\Windows\System32\SDRSVC.dll => File is digitally signedC:\Windows\System32\vssvc.exe => File is digitally signedC:\Windows\System32\wscsvc.dll => File is digitally signedC:\Windows\System32\wbem\WMIsvc.dll => File is digitally signedC:\Windows\System32\wuaueng.dll => File is digitally signedC:\Windows\System32\qmgr.dll => File is digitally signedC:\Windows\System32\es.dll => File is digitally signedC:\Windows\System32\cryptsvc.dll => File is digitally signedC:\Program Files\Windows Defender\MpSvc.dll => File is digitally signedC:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signedC:\Windows\System32\ipnathlp.dll => File is digitally signedC:\Windows\System32\iphlpsvc.dll => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signed**** End of log ****
<span>

<span>FRST ADDITIONAL:
<span>

<span id="INSERTION_MARKER"> <span>

<span id="INSERTION_MARKER"> <span>

<span>

Discussion is locked

- Collapse -
<span>'s and unreadable.
Jan 21, 2015 12:32PM PST

Try to preview those posts.

Try resetting all browsers and reset the stack. For Windows 8 it's at:
http://support.microsoft.com/kb/299357

Damage can run deep and I'd research why items are disabled in that log.
Bob

- Collapse -
Oops
Jan 21, 2015 12:37PM PST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015Ran by Joshy poo! (administrator) on JOSHY on 22-01-2015 03:54:34Running from E:\Loaded Profiles: Joshy poo! (Available profiles: Joshy poo!)Platform: Windows 8 (X64) OS Language: English (United Kingdom)Internet Explorer Version 10 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Microsoft Corporation) C:\windows\System32\wlanext.exe() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe(TOSHIBA Corporation) C:\windows\System32\TODDSrv.exe(Goobzo) C:\Program Files (x86)\YTDownloader\YTDUpdater.exe(Rational Thought Solutions) C:\ProgramData\SLduKrmD\iaEITDKxBO.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe(Microsoft Corporation) C:\windows\System32\alg.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe(Microsoft Corporation) C:\windows\System32\WWAHost.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe\LiveComm.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe(BitTorrent Inc.) C:\Users\Joshy poo!\AppData\Roaming\uTorrent\uTorrent.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\windows\System32\msiexec.exe==================== Registry (Whitelisted) ==================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [] => [X]HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-04] ()HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.)HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-01] (Intel Corporation)HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2014-12-17] (YTDownloader)Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-1011432725-1684852032-1684055089-1001\...\Run: [Facebook Update] => C:\Users\Joshy poo!\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-2Cool (Facebook Inc.)HKU\S-1-5-21-1011432725-1684852032-1684055089-1001\...\Run: [Spotify] => C:\Users\Joshy poo!\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-02-07] (Spotify Ltd)HKU\S-1-5-21-1011432725-1684852032-1684055089-1001\...\Run: [Spotify Web Helper] => C:\Users\Joshy poo!\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-07] (Spotify Ltd)HKU\S-1-5-21-1011432725-1684852032-1684055089-1001\...\Run: [smoother] => C:\Users\Joshy poo!\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe [583645 2015-01-20] ()HKU\S-1-5-21-1011432725-1684852032-1684055089-1001\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2014-12-17] (YTDownloader)AppInit_DLLs-x32: C:/PROGRA~3/{A7B34~1/190~1.1/tona.dll => C:/PROGRA~3/{A7B34~1/190~1.1/tona.dll [966144 2015-01-21] ()IFEO\ContentExplorer.exe: [Debugger] TaskList.exeIFEO\internetenhancer.exe: [Debugger] TaskList.exeIFEO\internetenhancerservice.exe: [Debugger] TaskList.exeIFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exeIFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exeIFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exeIFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exeStartup: C:\Users\Joshy poo!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnkShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comStartMenuInternet: IEXPLORE.EXE - iexplore.exeSearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1011432725-1684852032-1684055089-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbQ56KyJJVUG02g_eGRr9RlM9sogXVMrn4AcF0VyhXYauryn9v5OGTvq94Mp1q09NpNpw-wFRIjHnn0H4jwKPZZD3uW66-4RUEcRo4uPrGuTMQwSYhW-l5P62rYsivcMvcQNs0n-le2BLQR370DceLXVdkZkQoCNUcPbWTLvOIORe0J0JVIeNcH7gB4,&q={searchTerms}BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Winsock: Catalog5 04 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"Winsock: Catalog9 01 C:\windows\system32\abengine.dll File Not found ()Winsock: Catalog9 02 C:\windows\system32\abengine.dll File Not found ()Winsock: Catalog9 03 C:\windows\system32\abengine.dll File Not found ()Winsock: Catalog9 04 C:\windows\system32\abengine.dll File Not found ()Winsock: Catalog9 16 C:\windows\system32\abengine.dll File Not found ()Winsock: Catalog5-x64 04 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"Winsock: Catalog9-x64 01 C:\windows\system32\abengine64.dll [370880] (Abengine)Winsock: Catalog9-x64 02 C:\windows\system32\abengine64.dll [370880] (Abengine)Winsock: Catalog9-x64 03 C:\windows\system32\abengine64.dll [370880] (Abengine)Winsock: Catalog9-x64 04 C:\windows\system32\abengine64.dll [370880] (Abengine)Winsock: Catalog9-x64 16 C:\windows\system32\abengine64.dll [370880] (Abengine)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254FireFox:========FF ProfilePath: C:\Users\Joshy poo!\AppData\Roaming\Mozilla\Firefox\Profiles\76z5v8y1.defaultFF DefaultSearchEngine: eBay.co.ukFF SearchEngineOrder.1: Search The Web (GoPhotoIt)FF SelectedSearchEngine: eBay.co.ukFF Homepage: hxxp://vosteran.com/?f=1&a=vst_cmi_15_04_ff&cd=2XzuyEtN2Y1L1QzuyBtDyDyE0DtByB0A0EtDyE0AyCtA0EyEtN0D0Tzu0StCtCtCyCtN1L2XzutAtFyBtFtAtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtD0ByDyCzzyBtG0AyCtB0CtGyDzzzyzytGtC0C0AyCtGyEtDyBtB0E0EyDyDyE0F0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FyE0BtBtAyC0EtGzy0D0CtBtGyE0ByC0FtG0A0FtD0BtGzztDtB0EtB0B0E0CtB0B0BtA2Q&cr=1167326649&ir=FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin HKU\S-1-5-21-1011432725-1684852032-1684055089-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Joshy poo!\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)FF Plugin HKU\S-1-5-21-1011432725-1684852032-1684055089-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Joshy poo!\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF user.js: detected! => C:\Users\Joshy poo!\AppData\Roaming\Mozilla\Firefox\Profiles\76z5v8y1.default\user.jsFF SearchPlugin: C:\Users\Joshy poo!\AppData\Roaming\Mozilla\Firefox\Profiles\76z5v8y1.default\searchplugins\ask-search.xmlFF Extension: Booster Web - C:\Users\Joshy poo!\AppData\Roaming\Mozilla\Firefox\Profiles\76z5v8y1.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack [2015-01-21]FF Extension: Zoom It - C:\Users\Joshy poo!\AppData\Roaming\Mozilla\Firefox\Profiles\76z5v8y1.default\Extensions\{290d33f4-0971-f60a-fd01-6b7055cac157} [2015-01-21]FF Extension: New Tab Homepage - C:\Users\Joshy poo!\AppData\Roaming\Mozilla\Firefox\Profiles\76z5v8y1.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2014-05-08]FF Extension: Adblock Plus - C:\Users\Joshy poo!\AppData\Roaming\Mozilla\Firefox\Profiles\76z5v8y1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-08]FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgnFF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-01-22]FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKFF HKU\S-1-5-21-1011432725-1684852032-1684055089-1001\...\Firefox\Extensions: [{4C71EE00-E2F8-6E8A-FC4B-8C75895B5D2E}] - C:\Program Files (x86)\ver0BlockAndSurf\186.xpiChrome: =======CHR Profile: C:\Users\Joshy poo!\AppData\Local\Google\Chrome\User Data\Profile 1CHR Extension: (Docs) - C:\Users\Joshy poo!\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-22]CHR Extension: (Google Drive) - C:\Users\Joshy poo!\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-22]CHR Extension: (YouTube) - C:\Users\Joshy poo!\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22]CHR Extension: (Google Search) - C:\Users\Joshy poo!\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22]CHR Extension: (Gmail) - C:\Users\Joshy poo!\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22]CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No PathCHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-03]CHR HKU\S-1-5-21-1011432725-1684852032-1684055089-1001\...\Chrome\Extension: [begbnpffhnpedhocnobliippgejhjpfp] - C:\Users\Joshy poo!\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5\gophotoit.crx [Not Found]CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No PathCHR HKLM-x32\...\Chrome\Extension: [lhbfmjfmchadnjifgddcnklbdmolhipe] - C:\Users\Joshy poo!\AppData\Local\CubiezHelper\CubiezHelper.crx [Not Found]CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-03]==================== Services (Whitelisted) =================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-11-24] () [File not signed]R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]R2 iaEITDKxBO; C:\ProgramData\SLduKrmD\iaEITDKxBO.exe [2734400 2015-01-21] (Rational Thought Solutions)R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)R2 YTDUpdt; C:\Program Files (x86)\YTDownloader\YTDUpdater.exe [178688 2014-12-17] (Goobzo) [File not signed]S2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{c26d6496-27df-310f-0251-f07794378b67}\ \...\???\{c26d6496-27df-310f-0251-f07794378b67}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)==================== Drivers (Whitelisted) ====================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.)R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20141002.001\IDSvia64.sys [633560 2014-08-2Cool (Symantec Corporation)S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-22] (Malwarebytes Corporation)S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141002.018\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141002.018\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2014-12-17] (YTDownloader)R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)S4 SymELAM; C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-11] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-1Cool (Symantec Corporation)R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)========================== Drivers MD5 =======================C:\Windows\System32\drivers\1394ohci.sys E890C46E4754F0DF51BAFCC8D2E07498C:\Windows\System32\drivers\3ware.sys 4F18D4C7EA14F11A7211F60D553C03DBC:\Windows\System32\drivers\ACPI.sys 975AABEB243B800C23626D6B652C5A9CC:\Windows\System32\Drivers\acpiex.sys DC968C37822117E576B933F34A2D130CC:\Windows\System32\drivers\acpipagr.sys 0CA9F7C3A78227C21A0A7854E245CFB2C:\Windows\System32\drivers\acpipmi.sys 8EB8DA03B142D3DD1EB9ED8107A76C43C:\Windows\System32\drivers\acpitime.sys CBCE725C5D86ABA7D2604E22951AA9B8C:\Windows\System32\drivers\adp94xx.sys 93C6388592B99925C1D1576E465BC80FC:\Windows\System32\drivers\adpahci.sys D27763E0247292654E7F7D16444C7C72C:\Windows\System32\drivers\adpu320.sys 67B90070FF48F794AF19F9FCF0080D75C:\Windows\system32\drivers\afd.sys FE7FB9612D354EB41DF4F0FF5D6FB259C:\Windows\System32\drivers\agp440.sys 01590377A5AB19E792528C628A2A68F9C:\Windows\System32\drivers\amdk8.sys 5A81054B824004B1ECC04F0034A1CDF9C:\Windows\System32\drivers\amdppm.sys B849D453E644FAB9BC8EF6DC8CA9C4C6C:\Windows\System32\drivers\amdsata.sys 35A0EB5AECB0FA3C41A2FB514A562304C:\Windows\System32\drivers\amdsbs.sys 00452671904F5EE94B50BF0219C97164C:\Windows\System32\drivers\amdxata.sys EA3FFE53E92E59C87E3ECA9BEB20D9B7C:\Windows\system32\drivers\appid.sys 83B3682CE922FB0F415734B26D9D6233C:\Windows\System32\drivers\arc.sys E933401B392387F4BE34DE8BAF1722A7C:\Windows\System32\drivers\arcsas.sys 07CA323EF2E8247A568AB0F3662AD644C:\Windows\system32\DRIVERS\asyncmac.sys 74DBAEC35366C4EE7670428808715A6AC:\Windows\System32\drivers\atapi.sys A721FF570C2387E383BDDEA9632863C9C:\Windows\system32\DRIVERS\avgwfpa.sys 8BB4F4FDA60B00D5041C717CAEF1CB02C:\Windows\System32\drivers\bxvbda.sys 87AB5BB072A3F128541D5B815F82FFDDC:\Windows\System32\drivers\BasicDisplay.sys 81703BC5D68DEDBB086C2368FBE7B334C:\Windows\System32\drivers\BasicRender.sys 5EC68164E14D25675C98BBB5F09E8606C:\Windows\System32\Drivers\Beep.sys 9E7AEA59776D904607985AFFE7E5E183C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys B20C7345F7EAD6C5E3EFA52E044411B6C:\Windows\System32\DRIVERS\bowser.sys B17AC10B47C7FCB44D22A1F06415840EC:\Windows\System32\drivers\BthAvrcpTg.sys 6695200F455E251F0BCC9CE4D0978D59C:\Windows\System32\drivers\BthEnum.sys A8B20D852B07AE19A13B5D47EC4E4C3BC:\Windows\System32\drivers\bthhfenum.sys 616EB8748C988AEE98D93DA141C3D3B4C:\Windows\System32\drivers\BthHFHid.sys DCB4EBD928A6FB368BE6CAE522412DE1C:\Windows\system32\DRIVERS\BthLEEnum.sys 42201C346F0B8C458E1E9CDE04D68A2CC:\Windows\System32\drivers\bthmodem.sys 033916CE8784A848B9A3D686B7F66D97C:\Windows\system32\DRIVERS\bthpan.sys 091BB978E9504D0AD14586929431A957C:\Windows\System32\Drivers\BTHport.sys 13795CAA34239D97A7211E7F9D96E012C:\Windows\System32\Drivers\BTHUSB.sys 1F715957F5236D30B6020A19A4271F6AC:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528C:\Windows\System32\DRIVERS\cdfs.sys 990B1BABE6E81FB18E65A87EBEFB1772C:\Windows\System32\drivers\cdrom.sys 339BFF85D788268752DA8C9644B188EEC:\Windows\System32\drivers\circlass.sys F64B7D1A37CC1D5F421D5359EEC81E2EC:\Windows\System32\drivers\CLFS.sys 9905168708DB68849B879B5548F68AB3C:\Windows\System32\drivers\CmBatt.sys 2DC8538A2260647484A6C921CA837313C:\Windows\System32\Drivers\cng.sys DBF9E5346431557BF56F41E7F8EC0DC1C:\Windows\System32\drivers\CompositeBus.sys 0E5B1E9E7122EDAAF1F6CE047965CA92C:\Windows\System32\drivers\condrv.sys D9CB0782AF819548072AA45B70F8B22DC:\Windows\System32\drivers\dam.sys FAEF4C245BE832DB41B15DAAC336AFB7C:\Windows\System32\Drivers\dfsc.sys 431141C6859990824D17F71C30A78728C:\Windows\System32\drivers\discache.sys 3C736FAE17BA6F91BA37594AAB139CD0C:\Windows\System32\drivers\disk.sys AE3786294CC246A5403783E1B86A0168C:\Windows\System32\drivers\dmvsc.sys 82A7C72593793FE1EADA7A305BD1567AC:\Windows\system32\drivers\drmkaud.sys 9C7C183F937951AE17C5B8B3259CF3FFC:\Windows\System32\drivers\dxgkrnl.sys 2BB5627EB587FA995086C3D8C21B6D3FC:\Windows\System32\drivers\evbda.sys 5AB97B3282D7D6114949D1EB5C8598E4C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 03E1B8BA59327D186C7C533A6998FEF9C:\Windows\System32\drivers\EhStorClass.sys 66D60BD9A4C05616ABECA2A901475098C:\Windows\System32\drivers\EhStorTcgDrv.sys A61D0F543024E458C0FE32352E1978E2C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 142EA7DF1851C563571F2DCFC7AFBB40C:\Windows\System32\drivers\errdev.sys D790D058D67582DB9C84C2D33695FE6BC:\Windows\System32\Drivers\exfat.sys 7A4D6FEB8C52B3FE855E4DCDF9107E03C:\Windows\System32\Drivers\fastfat.sys 60996602A7111FD2D086E803F33E4282C:\Windows\System32\drivers\fdc.sys 73B2D11DF0B6E03A0CB0323218ACB3E4C:\Windows\System32\drivers\fileinfo.sys 88A9EBACD1058ABB237A6B4E96E7F397C:\Windows\System32\drivers\filetrace.sys 9E4EE3A0B00FF7D5F42A4AF9744CBA02C:\Windows\System32\drivers\flpydisk.sys B1D4C168FF7B8579E3745888658FFB1DC:\Windows\System32\drivers\fltmgr.sys B33EC133AE4E6C1881D2302D93D2467DC:\Windows\System32\drivers\FsDepends.sys A5F7873A39E4E9FAAAE59B7E9E36B705C:\Windows\System32\Drivers\Fs_Rec.sys A6DD7D491F587F4BC13FB972977DC8E8C:\Windows\System32\DRIVERS\fvevol.sys C1646A95EAC515F60CDB2A7A8A013C1EC:\Windows\System32\drivers\fxppm.sys A969D92973DFA895E7776B4BFE36DBB2C:\Windows\System32\drivers\gagp30kx.sys 52BC441E07A827EBAB70CDC7EAEDB28DC:\Windows\system32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092FC:\Windows\System32\drivers\vmgencounter.sys 721F8EEF5E9747F32670DEFF7FB92541C:\Windows\System32\Drivers\msgpioclx.sys FC2B8B06BDBD3B6457F5A3DA9AD2410EC:\Windows\system32\drivers\HdAudio.sys 630555943E5A3FE21010CE91EC7FC84FC:\Windows\System32\drivers\HDAudBus.sys 58CC013EFA9893057160EDA018D8ADCEC:\Windows\System32\drivers\HidBatt.sys 3F76BBA53D65E85A7F53E7A71082082CC:\Windows\System32\drivers\hidbth.sys 085F150D002B7F0153D3C06DDF33A143C:\Windows\System32\drivers\hidi2c.sys CC4A07E51D89575CAB6F4EB590D87CD4C:\Windows\System32\drivers\hidir.sys DC96F7DACB777CDEAEF9958A50BFDA06C:\Windows\System32\drivers\hidusb.sys 012C354B4AB48E9A7A657DF39E3A2073C:\Windows\System32\drivers\HpSAMD.sys 64DB7A8D97CA53DCCF93D0A1E08342CFC:\Windows\System32\drivers\HTTP.sys F4A91D985EB9D1D2717D538F3424603CC:\Windows\System32\drivers\hwpolicy.sys 2A98301068801700906C06649860FE94C:\Windows\System32\drivers\hyperkbd.sys DC76901D82097C9E297F20C287CB9A27C:\Windows\system32\DRIVERS\HyperVideo.sys 716413AB3CA12DE0A7222D28C1C9352CC:\Windows\System32\drivers\i8042prt.sys C9E9CBF73AFFBFE3E801EFB516787BA3C:\Windows\System32\drivers\iaStorA.sys 050F2539E14F9D5E90A4B61738EC29BDC:\Windows\System32\drivers\iaStorV.sys 5E394EBD26FD68AA9300332C46BEDD62C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20141002.001\IDSvia64.sys 77AC93E28B5F4DCE317EFA695E3F59E3C:\Windows\system32\DRIVERS\igdkmd64.sys 11A31FC2481BFE69B0507ED8C80215F4C:\Windows\System32\drivers\iirsp.sys 24847A06B84339FEEDE5CABF3D27D320C:\Windows\system32\drivers\RTKVHD64.sys E0B2C982CA743CE8B3CBD7DD50AB82B0C:\Windows\system32\DRIVERS\IntcDAud.sys F5495B38BFB9149925F54F65AB40EFBFC:\Windows\System32\drivers\intelide.sys 4F37726CF764CA18A8A84F85EF3A7F24C:\Windows\System32\drivers\intelppm.sys E15CDF68DD73423F15D4AC404793AF0DC:\Windows\System32\DRIVERS\ipfltdrv.sys 8FCA66234A0933D796BB780B7953BAB9C:\Windows\System32\drivers\IPMIDrv.sys A4071DA3AE419F9694BFCB267C7DB8D7C:\Windows\System32\drivers\ipnat.sys 3969B9C218DD3FAA9F4ED2FFC3651C02C:\Windows\System32\drivers\irenum.sys 25CD7C4BB2863FFC2B0B311F0AEBF77CC:\Windows\System32\drivers\isapnp.sys D940C5BB9DC92E588533C19ABCC3D2C2C:\Windows\System32\drivers\msiscsi.sys E6530FD4F61B40F338BF4355A21B9A09C:\Windows\System32\drivers\kbdclass.sys 8FBD94B69D6423E20ABCD59D86368B21C:\Windows\System32\drivers\kbdhid.sys E88C932ABDF8185A62C8F2FC7B051FB6C:\Windows\system32\DRIVERS\kdnic.sys FB6C185092E18011EF49989425C2AA87C:\Windows\System32\Drivers\ksecdd.sys 8B3EB6372436195B8EA8AE09A184BCE2C:\Windows\System32\Drivers\ksecpkg.sys 0EB535ADDC065F2D0CBFC089630A6065C:\Windows\system32\drivers\ksthunk.sys 81492FEEBF2F26455B00EE8DBAE8A1B0C:\Windows\system32\DRIVERS\lltdio.sys CEEFD29FC551F289810B0B9381B321DCC:\Windows\System32\drivers\lsi_sas.sys 022CDD12161B063D7852B1075BF3FFF2C:\Windows\System32\drivers\lsi_sas2.sys 07AD59D669B996F29F91817F0ECFA34FC:\Windows\System32\drivers\lsi_scsi.sys 216FB796AA4E252ACCE93B1BCB80B5ECC:\Windows\System32\drivers\lsi_sss.sys 5E80530AF37102488EE980B4A92AF99FC:\Windows\system32\drivers\luafv.sys 2BDC5D711FA61307CE6190D47C956368C:\windows\system32\drivers\MBAMSwissArmy.sys 26C43960C99EE861A5D0EDC4DCF3B1C3C:\Windows\System32\drivers\megasas.sys 9B0D829C3BE4E7472DB9DD2B79908E3CC:\Windows\System32\drivers\MegaSR.sys ECC3F54C7AFC318271C4F0B4606D8DB0C:\Windows\System32\drivers\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85C:\Windows\System32\drivers\modem.sys 780098AD5DA8A4822E2563984C85EF7BC:\Windows\System32\drivers\monitor.sys EA8EAD3F5B762F889CC7F3966625B48BC:\Windows\System32\drivers\mouclass.sys 618446B98C79776654340CE27C73485EC:\Windows\System32\drivers\mouhid.sys C0ADEBED913295803B579ED288936CBBC:\Windows\System32\drivers\mountmgr.sys E7E9DBFDD3F25ED0C05B99AE9FA18BDEC:\Windows\System32\drivers\mpsdrv.sys 4CCBBD4944777CA100B9A6C2F149A46FC:\Windows\system32\drivers\mrxdav.sys 25560C1656DC7F0723A0CC0B0E1C6BEDC:\Windows\System32\DRIVERS\mrxsmb.sys 14EE56050E1637926F5CFA65B1F4209BC:\Windows\System32\DRIVERS\mrxsmb10.sys 06D5F2FA3C61E8EA91648EA8E9F99FD3C:\Windows\System32\DRIVERS\mrxsmb20.sys 0AA400AB21745F1153ECE75E0186509AC:\Windows\system32\DRIVERS\bridge.sys 98487487D6B3797CA927E9D7B030AE13C:\Windows\System32\Drivers\Msfs.sys 3886F1F2A4D2900ABAA7E4486BEEE6A2C:\Windows\System32\drivers\msgpiowin32.sys C32A7A39B960A42BA9D4FBE47213CA03C:\Windows\System32\drivers\mshidkmdf.sys D3857A767B91A061B408CCAB02DA4F40C:\Windows\System32\drivers\mshidumdf.sys 839B48910FB1E887635C48F3EC11A05EC:\Windows\System32\drivers\msisadrv.sys 55C0DB741E3AB7463242B185B1C2997CC:\Windows\system32\drivers\MSKSSRV.sys 509809566E49F4411055864EA8D437CDC:\Windows\system32\DRIVERS\mslldp.sys 63145201D6458E4958E572E7D6FC2604C:\Windows\system32\drivers\MSPCLOCK.sys 99D526E803DB6D7FF290FD98B6204641C:\Windows\system32\drivers\MSPQM.sys 06FA77C3E2A491ADCD704C5E73006269C:\Windows\System32\Drivers\MsRPC.sys E134EC4DE11CF78CB01432D180710D84C:\Windows\System32\drivers\mssmbios.sys B5AECF12F09DEE97C9FCAA5BA016CE1EC:\Windows\system32\drivers\MSTEE.sys 72D66A05E0F99F2528F6C6204FD22AA1C:\Windows\System32\drivers\MTConfig.sys 8AAAE399FC255FA105D4158CBA289001C:\Windows\System32\Drivers\mup.sys 3BCB702F3E6CC622DCAFCAA45D7CDE0AC:\Windows\System32\drivers\mvumis.sys 3A1E095277BBD406CEA8EA6B76950664C:\Windows\system32\DRIVERS\nwifi.sys 43D7388A90A4C6EA346A4D6FF0377479C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141002.018\ENG64.SYS C180A82874D3CDC390A27F2F1E1AF025C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20141002.018\EX64.SYS E66CA6C321614D7BC0AFC9C8436131B9C:\Windows\System32\drivers\ndis.sys A10E176F3B2BF83EDE7B5C4658C93B66C:\Windows\system32\DRIVERS\ndiscap.sys 39C8A1D9D46F5E83A016BCAB72455284C:\Windows\system32\DRIVERS\NdisImPlatform.sys 762941932B7E4C588E48A577BA9D6440C:\Windows\system32\DRIVERS\ndistapi.sys 7A6F8A6D0E01432EBA294EF29CDD0FA7C:\Windows\system32\DRIVERS\ndisuio.sys 79AB68BB3FFF974AD4F41FA559F4EC67C:\Windows\system32\DRIVERS\ndiswan.sys 62C7DBF4F9301F76CF87D4B9D8F57BF8C:\Windows\system32\DRIVERS\ndiswan.sys 62C7DBF4F9301F76CF87D4B9D8F57BF8C:\Windows\System32\Drivers\NDProxy.sys 3730942D7DB2F8BB5F84542B7FF6F650C:\Windows\System32\drivers\Ndu.sys D3F60A4345FCA9C1BE68AD7D0D6DE770C:\Windows\system32\DRIVERS\netaapl64.sys EE00C544C025958AF50C7B199F3C8595C:\Windows\System32\DRIVERS\netbios.sys 7C203A76394F9AE68F69EEE5F9612C4AC:\Windows\System32\DRIVERS\netbt.sys 7CEC25C682D319D484630B3952C31A11C:\Windows\System32\drivers\nfrd960.sys 12DD2800E4EEA37DC9AE256AD62423B4C:\Windows\System32\Drivers\Npfs.sys 17E19A742FB30C002F8B43575451DBE1C:\Windows\System32\drivers\npsvctrig.sys 8ED299C30792544264E558BEA79F0947C:\Windows\System32\drivers\nsiproxy.sys 689B3B1E95C70ABF7AFF29F9406EF1E0C:\Windows\System32\Drivers\Ntfs.sys 7BE3EDFFA3216F989A6BDCB14795DD08C:\Windows\System32\Drivers\Null.sys 4163ADE07DB51843AE31F65B94F5398DC:\Windows\System32\drivers\nvraid.sys D6D34118263412D3AAA8348A9572B7F2C:\Windows\System32\drivers\nvstor.sys 27AFC428D1D32ABD04A86763A4EDDEA9C:\Windows\System32\drivers\nv_agp.sys 051CFB5107BAAE510419BDC41F8C4036C:\Windows\System32\drivers\parport.sys 4563DAF8C6A740AD7F501E219BD10766C:\Windows\System32\drivers\partmgr.sys D6ACCF9F2EEEEA711C14EFD976E573F3C:\Windows\System32\drivers\pci.sys 4A003E8F718C1E6A2050CA98CD53E3E2C:\Windows\System32\drivers\pciide.sys F9908D274D458220F91E89B54D78D837C:\Windows\System32\drivers\pcmcia.sys 84D19CB6102627932DCB5DFDF89FE269C:\Windows\System32\drivers\pcw.sys CEBBAD5391C2644560C55628A40BFD27C:\Windows\System32\drivers\pdc.sys 0698DEDEAD6A00AD0D468C687D830FBFC:\Windows\System32\drivers\peauth.sys 61FE70659CD43E07F94DA4DC31DEC493C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys EE926C59CBD4DC4DC9FBB85014A2F1A5C:\Windows\system32\DRIVERS\raspptp.sys 362D47E5B4D67270DE4B8606036F4ADDC:\Windows\System32\drivers\processr.sys DD979EB6A7212F60E4AFBE96EDC7AE6DC:\Windows\system32\DRIVERS\pacer.sys EB8034147D4820CD31BFCB11A2A652DFC:\Windows\system32\drivers\qwavedrv.sys 13D47BB0CCA2FC51BD15F8E85C6A078EC:\Windows\System32\DRIVERS\rasacd.sys 873C60F8178100557740A832FCE10B5FC:\Windows\system32\DRIVERS\AgileVpn.sys 69B93F623B130976243ECA3D84CC99CAC:\Windows\system32\DRIVERS\rasl2tp.sys A14D625C5AEE5FFE0F47D1A1D419FAAEC:\Windows\system32\DRIVERS\raspppoe.sys 00695B9C2DB6111064499C529E90C042C:\Windows\system32\DRIVERS\rassstp.sys A7F24D8CD1956B0A1FDCB86CC5114DE4C:\Windows\System32\DRIVERS\rdbss.sys CA03D642ACE58E1BA54E4B383F91CD69C:\Windows\System32\drivers\rdpbus.sys CA7DF5EC95D8DE0DD24BE7FF97369F68C:\Windows\System32\drivers\rdpdr.sys B2A3AD74FF2E2FFA73AF2567108231B3C:\Windows\System32\drivers\rdpvideominiport.sys 57F4787E4602A3FCA719C0A33137C6DAC:\Windows\System32\Drivers\RDPWD.sys B3CB0721E81E30419CE7D837EF4EA151C:\Windows\System32\drivers\rdyboost.sys 62C1F8A0685FE07E998AA296C4F697C4C:\Windows\System32\drivers\rfcomm.sys CCBFCABDFE2BC22F0645CEAADDB36004C:\Windows\System32\Drivers\RimUsb_AMD64.sys 7B04C9843921AB1F695FB395422C5360C:\Windows\system32\DRIVERS\rspndr.sys E04E770DD198B9399640717145E79EBFC:\Windows\System32\Drivers\RtsUStor.sys 0E32A8922DCFD28EA00AAEC07CB3F331C:\Windows\system32\DRIVERS\RtkBtfilter.sys 8A78690AC84AE5150A34C7525B450395C:\Windows\system32\DRIVERS\Rt630x64.sys 34DA0D14F5C3F1883A331AFB975AB434C:\Windows\system32\DRIVERS\rtwlane.sys 097AA0B75675862070248796E1CC04D1C:\Windows\system32\DRIVERS\rtwlane.sys 097AA0B75675862070248796E1CC04D1C:\Windows\System32\drivers\vms3cap.sys 752EC7DCD2F96871A3857EEE6AFE965AC:\Program Files (x86)\YTDownloader\sbmntr.sys D79A2AE308C857779B02B25C7A481D8CC:\Windows\System32\drivers\sbp2port.sys 9C7B28CE0D136DB226E24DB3BC817F92C:\Windows\System32\DRIVERS\scfilter.sys 5D7733A12756B267FCA021672B26BC9EC:\Windows\system32\drivers\ScreamingBAudio64.sys 8B56BDCE6A303DDE63D63440D1CF9AD1C:\Windows\System32\drivers\sdbus.sys F58B030A0664385C707B8C1C63682041C:\Windows\System32\drivers\sdstor.sys BB107AA9980B0DA4E19A3A90C3BD4460C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legitC:\Windows\System32\drivers\SerCx.sys 87C46B239A7EEF30FDFDD5E9BD46130CC:\Windows\System32\drivers\serenum.sys 7A1F9347C85FD55E39B8A76B3A25C5ADC:\Windows\System32\drivers\serial.sys F640A0A218BBF857F1D04A15D7D939F6C:\Windows\System32\drivers\sermouse.sys F1A5F56B2620B862CC28FF96A0A6DAABC:\Windows\System32\drivers\sfloppy.sys 7EE65419B29302C795714FF8073969A1C:\Windows\System32\drivers\SiSRaid2.sys 2560721D6F16D5B611C36A3A9D28C1B2C:\Windows\System32\drivers\sisraid4.sys 3AA8FDE1DBF65BB8B88B053529554A0DC:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 4A2972573225A2DE4DEC0AD68529DF0FC:\Windows\System32\drivers\spaceport.sys 9110193D93960E38B8692E4519C75D72C:\Windows\System32\drivers\SpbCx.sys 3D8679C8DF52EB26EB7583A4E0A29202C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS E163E10191958FF6A2B0B48353F9E9FDC:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS 68E7B6708B9EEE021301C483825D05EAC:\Windows\System32\DRIVERS\srv.sys 0F1FCD575A03ABDE13FCA9D0ADE4DDA6C:\Windows\System32\DRIVERS\srv2.sys B56A855B23676CCE05B626C6037FD02FC:\Windows\System32\DRIVERS\srvnet.sys 78E9665C8DC59106D133CBEF0F0C3DE3C:\Windows\System32\drivers\stexstor.sys 4E85355B94CFCB67C135F6521A4895A7C:\Windows\System32\drivers\storahci.sys B240874B2CA0CD02E8CD11E140B14C57C:\Windows\System32\DRIVERS\vmstorfl.sys F74DBC95A57B1EE866D3732EB5F79BE2C:\Windows\System32\drivers\storvsc.sys 543CD3CC0E05B8D8815E0D4F040B6F59C:\Windows\System32\drivers\swenum.sys 4AFD66AAE74FFB5986BC240744DC5FC9C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS 5C9EE2303CA7F267665D75237862B39CC:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS 9F31630D7FC2DD9D5DA1CE359AAD1F46C:\Windows\system32\drivers\NISx64\1506000.020\SymELAM.sys 20F758E6339A16F97DD83389D582E09AC:\windows\system32\Drivers\SYMEVENT64x86.SYS 97E11C50CE52277B377396EA8838E539C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS 2C95265BE19F338E1C1090E4E91055BBC:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS 5570A74FF9B1EFBC5154DD1E2F05C517C:\Windows\system32\DRIVERS\SynTP.sys 5385DA405FDAAB0BD2AF0B24723FBA46C:\Windows\System32\drivers\tcpip.sys 2AE9136724568DB4F08BC04F131CFC54C:\Windows\system32\DRIVERS\tcpip.sys 2AE9136724568DB4F08BC04F131CFC54C:\Windows\System32\drivers\tcpipreg.sys 8F2A13A5DF99D72FDDE87F502A66F989C:\Windows\system32\DRIVERS\tdcmdpst.sys 58480A57ACF2671C343FD1D4BA990E34C:\Windows\system32\DRIVERS\tdx.sys 73DC722CE5DF26D7638CE2446F2655C7C:\Windows\System32\drivers\terminpt.sys F7C8AB5D8AFFAA318D6A21093D139BF4C:\Windows\System32\drivers\Thotkey.sys 16E745743BABAF480B7718442F38B076C:\Windows\System32\drivers\tosrfec.sys A884A627C0B6E8B238759FC73C1AAAAFC:\Windows\System32\drivers\tos_sps64.sys 36391C3953D191A2AF4556D5D706C641C:\Windows\system32\drivers\tpm.sys E94F7A7B48C7638D1F3F8089344C97B7C:\Windows\System32\drivers\tsusbflt.sys 4E7C5FB10A50435523DE0CAA37DE2BD3C:\Windows\System32\drivers\TsUsbGD.sys 16D684A820872EE54F6370703AC0B513C:\Windows\system32\DRIVERS\tunnel.sys 78C9EE193AC2B4CBDBC48B620314D740C:\Windows\System32\drivers\TVALZ_O.SYS 54BDBF3D4DED58DA78B702471C68D4CAC:\Windows\system32\DRIVERS\TVALZFL.sys 55A9A23DD64EB7781FCAB565B028CD0EC:\Windows\System32\drivers\uagp35.sys 6D4F67CA56ACA2085DFA2CD89EAFBC1AC:\Windows\System32\drivers\uaspstor.sys 6FD6D03B7752C78712E5CFF29A305026C:\Windows\System32\drivers\ucx01000.sys 061BA3EE0D2BE17944990544008CF190C:\Windows\System32\DRIVERS\udfs.sys 25C50F4EDF70D0A831E0566BD181CCF2C:\Windows\System32\drivers\uliagpkx.sys 07FEBCDF24FABA0D47B635D85A0FFB7AC:\Windows\System32\drivers\umbus.sys 02CEB3FE6152668A7BA420B93B664860C:\Windows\System32\drivers\umpass.sys 991EE6B5FC41EAEF99C8AF5B92F2CA09C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240C:\Windows\system32\drivers\usbaudio.sys 9E9F21FF91D7ECC0BCCB94D3FE52A959C:\Windows\System32\drivers\usbccgp.sys C976C4306F9AE133D6BBD47FDFC3BF92C:\Windows\System32\drivers\usbcir.sys 427B6DB8C05A5A977E8C3525370A2595C:\Windows\System32\drivers\usbehci.sys B24FDEB1B18496F1B463782235AA3AF1C:\Windows\System32\drivers\usbhub.sys F8C2A832DF9403F5EA8080CBDBDA95FBC:\Windows\System32\drivers\UsbHub3.sys FAAB461D5AEB21EE5FC5C0DBD6648223C:\Windows\System32\drivers\usbohci.sys 325F6179009B5A7F6118951A5BA422ABC:\Windows\System32\drivers\usbprint.sys 9FDBA6982582A6F2354144980F641E7BC:\Windows\System32\drivers\USBSTOR.SYS BFC7FE4AAEB61317A921871B4085EF4BC:\Windows\System32\drivers\usbuhci.sys 1ABF657259DB57F7E5558E4DF1357C0CC:\Windows\System32\Drivers\usbvideo.sys 9EF7C01D3ACCBC243B5CB1A95865B2FFC:\Windows\System32\drivers\USBXHCI.SYS 8DC398D7B8E02C929A2096E74A170970C:\Windows\System32\drivers\vdrvroot.sys BACECBFF9C97F7627A60B0E0F1FE7EE8C:\Windows\System32\drivers\VerifierExt.sys 74FA2D4368DE6F6CE14393EDF1F342BEC:\Windows\System32\drivers\vhdmp.sys D4051AA2ACD38AABF9DEC24B8A331EB1C:\Windows\System32\drivers\viaide.sys F5B4A14B00E89250C50982AC762DDD1DC:\Windows\System32\drivers\vmbus.sys 78DB50F7329F6D1311658DABFFFC8BE0C:\Windows\System32\drivers\VMBusHID.sys ECFEE2F2BA3932C7880D1A8F67D68F91C:\Windows\System32\drivers\volmgr.sys CB60FAAED8B49B812EBBF77EB87D9B18C:\Windows\System32\drivers\volmgrx.sys A74101DA9809251BCD0E5A26BAE0F824C:\Windows\System32\drivers\volsnap.sys AA37946941ED3805AB3A924965907147C:\Windows\System32\drivers\vpci.sys A8DA1C1B52ECEA3726DEBED4FF1B700DC:\Windows\System32\drivers\vsmraid.sys 38A60CD9C009C55C6D3B5586F8E6A353C:\Windows\System32\drivers\vstxraid.sys A0F6FE0FC2F647C22BBFD6BD4249DBCCC:\Windows\System32\drivers\vwifibus.sys 62460A45435A26A334907E3F2EA45611C:\Windows\system32\DRIVERS\vwififlt.sys 095E943D27025E4D588AF0A72CC2318FC:\Windows\system32\DRIVERS\vwifimp.sys 73FA1A41A97A5C34ADC03B3577FF1A86C:\Windows\System32\drivers\wacompen.sys 6B806E893714019969E2B50D7EF6A4D9C:\Windows\system32\DRIVERS\wanarp.sys 61F6972FF9AC9A8D0B4D62076DC30051C:\Windows\system32\DRIVERS\wanarp.sys 61F6972FF9AC9A8D0B4D62076DC30051C:\Windows\System32\drivers\wd.sys B3A4D918DAB90505B6BC7B70632913CBC:\Windows\system32\drivers\WdBoot.sys B7FD627AAE8E95848BFEC437C923A87EC:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8C:\Windows\system32\drivers\WdFilter.sys FAC362ED29713A535C6E2EEFFA5B4733C:\Windows\System32\DRIVERS\wfplwfs.sys 44BB9C31E6242C4BD1CE7C2B440C2533C:\Windows\System32\drivers\wimmount.sys A3C7624A42A3447EF5EDD1ED37FE4E60C:\Windows\system32\DRIVERS\WinUsb.sys BB20956C424531003F7FA6CD36F11D5DC:\Windows\System32\drivers\wmiacpi.sys E2A596CACFC6504306CDB7B593B90084C:\Windows\System32\DRIVERS\wpcfltr.sys C6FF953D5D6F2EAE3B8883474D5076B3C:\Windows\System32\drivers\WpdUpFltr.sys 0346CAFC181C91C6E2330332EB332ED6C:\Windows\system32\drivers\ws2ifsl.sys BC8B5CB336E63BB25EAD1CE8EDD34B81C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869FC:\Windows\System32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659==================== NetSvcs (Whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)==================== One Month Created Files and Folders ========(If an entry is included in the fixlist, the file\folder will be moved.)2015-01-22 03:54 - 2015-01-22 03:54 - 00000000 ____D () C:\FRST2015-01-21 23:38 - 2015-01-21 23:38 - 00001732 _____ () C:\ProgramData\tempimage.bmp2015-01-21 23:38 - 2015-01-21 23:38 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\HealthAlert2015-01-21 23:34 - 2015-01-21 23:34 - 00000000 ____D () C:\Program Files (x86)\predm2015-01-21 23:33 - 2015-01-21 23:34 - 00000000 ____D () C:\ProgramData\SLduKrmD2015-01-21 23:20 - 2015-01-21 23:20 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-01-21 23:19 - 2015-01-21 23:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Joshy poo!\Downloads\mbam-setup-2.0.4.1028.exe2015-01-21 21:44 - 2015-01-21 21:44 - 00613057 _____ (CMI Limited) C:\Users\Joshy poo!\AppData\Local\nsq3188.tmp2015-01-21 21:41 - 2015-01-21 21:41 - 00001111 _____ () C:\Users\Joshy poo!\Desktop\Continue Live Installation.lnk2015-01-21 21:40 - 2015-01-21 21:40 - 00628496 _____ (CMI Limited) C:\Users\Joshy poo!\AppData\Local\nsb620A.tmp2015-01-21 21:21 - 2015-01-21 21:21 - 00000044 _____ () C:\Users\Joshy poo!\AppData\Roaming\WB.CFG2015-01-21 21:14 - 2015-01-21 21:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-01-21 21:02 - 2015-01-22 00:04 - 00000376 _____ () C:\windows\Tasks\APSnotifierPP3.job2015-01-21 21:02 - 2015-01-22 00:04 - 00000376 _____ () C:\windows\Tasks\APSnotifierPP2.job2015-01-21 21:02 - 2015-01-21 22:07 - 00000378 _____ () C:\windows\Tasks\APSnotifierPP1.job2015-01-21 21:02 - 2015-01-21 21:43 - 00002818 _____ () C:\windows\System32\Tasks\APSnotifierPP12015-01-21 21:02 - 2015-01-21 21:43 - 00002816 _____ () C:\windows\System32\Tasks\APSnotifierPP32015-01-21 21:02 - 2015-01-21 21:43 - 00002816 _____ () C:\windows\System32\Tasks\APSnotifierPP22015-01-21 20:25 - 2015-01-21 20:25 - 00613057 _____ (CMI Limited) C:\Users\Joshy poo!\AppData\Local\nsuC946.tmp2015-01-21 20:25 - 2015-01-21 20:25 - 00000000 __SHD () C:\Users\Joshy poo!\AppData\Roaming\AnyProtectEx2015-01-21 20:22 - 2015-01-21 20:22 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\Vosteran2015-01-21 20:21 - 2015-01-22 00:03 - 00000000 ____D () C:\Program Files (x86)\ver0BlockAndSurf2015-01-21 20:21 - 2015-01-21 23:27 - 00001792 _____ () C:\windows\SysWOW64\${LOGFILE}2015-01-21 20:21 - 2015-01-21 20:21 - 00000000 ____D () C:\ProgramData\{A7B34F70-F731-9EF6-46B7-EE7496353DFA}2015-01-21 20:20 - 2015-01-22 00:03 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\SmartWeb2015-01-21 20:17 - 2015-01-21 20:18 - 00772168 _____ (Reimage&regWink C:\Users\Joshy poo!\Downloads\ReimageRepair.exe2015-01-21 20:16 - 2015-01-22 02:47 - 00001366 _____ () C:\windows\Tasks\JGVG.job2015-01-21 20:16 - 2015-01-21 20:16 - 00004378 _____ () C:\windows\System32\Tasks\JGVG2015-01-21 20:15 - 2015-01-22 02:47 - 00001368 _____ () C:\windows\Tasks\WXPZA.job2015-01-21 20:15 - 2015-01-22 00:03 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro2015-01-21 20:15 - 2015-01-21 20:15 - 00004378 _____ () C:\windows\System32\Tasks\WXPZA2015-01-21 20:15 - 2015-01-21 20:15 - 00003726 _____ () C:\windows\System32\Tasks\SMupdate12015-01-21 20:15 - 2015-01-21 20:15 - 00003586 _____ () C:\windows\System32\Tasks\YTDownloader2015-01-21 20:14 - 2015-01-22 00:03 - 00000000 ____D () C:\Program Files (x86)\ShopperPro2015-01-21 20:14 - 2015-01-21 20:15 - 00003908 _____ () C:\windows\System32\Tasks\YTDownloaderUpd2015-01-21 20:14 - 2015-01-21 20:14 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader2015-01-21 20:14 - 2015-01-21 20:14 - 00000000 ____D () C:\Program Files (x86)\YTDownloader2015-01-21 20:12 - 2015-01-21 20:12 - 00000078 _____ () C:\Users\Joshy poo!\AppData\Roaming\Selection Tools.installation.log2015-01-21 20:12 - 2015-01-21 20:12 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\WTools2015-01-21 20:12 - 2015-01-21 20:12 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\Booster-Web2015-01-21 20:12 - 2015-01-21 20:12 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\CrashRpt2015-01-21 20:11 - 2015-01-21 23:54 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\Store2015-01-21 20:10 - 2015-01-22 00:03 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\SoftwareUpdater2015-01-21 20:09 - 2015-01-21 20:09 - 00003516 _____ () C:\windows\System32\Tasks\PastaLeads2015-01-21 20:09 - 2015-01-21 20:09 - 00000097 _____ () C:\Users\Joshy poo!\AppData\Roaming\WOffer.boostrap.log2015-01-21 20:08 - 2015-01-22 00:03 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\wincheck2015-01-21 20:06 - 2015-01-21 20:13 - 00000000 ____D () C:\Users\Joshy poo!\Downloads\The.Hunger.Games.Mockingjay.Part.1.DVDRip[Xvid]AC3.1[Eng]2015-01-21 20:05 - 2015-01-21 20:05 - 00028989 _____ () C:\Users\Joshy poo!\Downloads\The.Hunger.Games.Mockingjay.Part.1.DVDRip[Xvid]AC3.1[Eng].torrent2015-01-21 19:59 - 2015-01-22 02:47 - 00001368 _____ () C:\windows\Tasks\YEUEF.job2015-01-21 19:59 - 2015-01-22 00:03 - 00000000 ____D () C:\Program Files (x86)\Flwsrf2015-01-21 19:59 - 2015-01-21 19:59 - 00513024 _____ () C:\Users\Joshy poo!\Downloads\MediaPlayerSetup7.3.3__6629_i1454001790_il1882.exe2015-01-21 19:59 - 2015-01-21 19:59 - 00004378 _____ () C:\windows\System32\Tasks\YEUEF2015-01-21 19:59 - 2015-01-21 19:59 - 00000002 _____ () C:\END2015-01-21 19:59 - 2014-12-04 23:09 - 00370880 _____ (Abengine) C:\windows\system32\abengine64.dll2015-01-21 19:58 - 2015-01-22 02:47 - 00001368 _____ () C:\windows\Tasks\JMKWY.job2015-01-21 19:58 - 2015-01-21 19:58 - 00513024 _____ () C:\Users\Joshy poo!\Downloads\MediaPlayerSetup7.3.3__6629_i1454001203_il1882.exe2015-01-21 19:58 - 2015-01-21 19:58 - 00004380 _____ () C:\windows\System32\Tasks\JMKWY2015-01-21 19:57 - 2015-01-21 23:54 - 00000000 ____D () C:\Program Files (x86)\globalUpdate2015-01-21 19:57 - 2015-01-21 19:57 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\globalUpdate2015-01-21 19:56 - 2015-01-21 19:56 - 00513024 _____ () C:\Users\Joshy poo!\Downloads\MediaPlayerSetup7.3.3__6629_i1454000231_il1882.exe2015-01-21 07:59 - 2015-01-21 07:59 - 00003780 _____ () C:\windows\System32\Tasks\RunTool2015-01-17 19:29 - 2015-01-17 19:29 - 00000000 ____D () C:\f9a53d9e44c3b09113482015-01-14 19:03 - 2014-11-27 02:40 - 00600576 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2015-01-14 19:03 - 2014-11-27 01:28 - 00523264 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2015-01-14 19:03 - 2014-11-15 06:06 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe2015-01-14 19:03 - 2014-11-15 05:13 - 03286016 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll2015-01-14 19:03 - 2014-11-15 05:13 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll2015-01-14 19:03 - 2014-11-15 05:13 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll2015-01-14 19:03 - 2014-11-15 05:13 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll2015-01-14 19:03 - 2014-11-15 05:13 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll2015-01-14 19:03 - 2014-11-15 05:13 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll2015-01-14 19:03 - 2014-11-15 05:13 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe2015-01-14 19:03 - 2014-11-15 05:12 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll2015-01-14 19:03 - 2014-11-15 03:54 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe2015-01-14 19:03 - 2014-11-15 03:53 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll2015-01-14 19:03 - 2014-11-15 03:53 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll2015-01-14 19:03 - 2014-11-15 03:53 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll2015-01-14 19:03 - 2014-11-05 06:39 - 01024512 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll2015-01-14 19:03 - 2014-11-01 06:28 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\services.exe2015-01-14 19:02 - 2014-12-19 06:48 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll2015-01-14 19:02 - 2014-12-19 04:35 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys2015-01-14 19:02 - 2014-12-11 07:35 - 06973248 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe2015-01-14 19:02 - 2014-12-11 06:51 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe2015-01-14 19:02 - 2014-12-06 07:53 - 00458240 _____ (Microsoft Corporation) C:\windows\system32\wer.dll2015-01-14 19:02 - 2014-12-06 07:53 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe2015-01-14 19:02 - 2014-12-06 07:52 - 00384000 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll2015-01-14 19:02 - 2014-12-06 07:52 - 00357376 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll2015-01-14 19:02 - 2014-12-06 07:52 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll2015-01-14 19:02 - 2014-12-06 07:51 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll2015-01-14 19:02 - 2014-12-06 07:51 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll2015-01-14 19:02 - 2014-12-06 07:50 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll2015-01-14 19:02 - 2014-12-06 06:10 - 00355840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll2015-01-14 19:02 - 2014-12-06 06:10 - 00023552 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe2015-01-14 19:02 - 2014-12-06 06:09 - 00332800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll2015-01-14 19:02 - 2014-12-06 06:09 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll2015-01-14 19:02 - 2014-11-05 06:40 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll2015-01-14 19:02 - 2014-10-29 14:21 - 00499008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys2015-01-14 19:02 - 2014-10-27 22:10 - 00390841 _____ () C:\windows\system32\ApnDatabase.xml2015-01-09 20:00 - 2015-01-09 20:00 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\53aa17a3-e6e8-4ebb-866c-c20b62f9b17b2015-01-08 22:30 - 2015-01-09 01:40 - 00000000 ____D () C:\Program Files (x86)\Fish Tycoon2015-01-08 22:30 - 2015-01-08 22:30 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fish Tycoon2015-01-08 22:30 - 2015-01-08 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fish Tycoon2015-01-08 22:29 - 2015-01-09 01:52 - 00000000 ____D () C:\ProgramData\TEMP2015-01-08 22:28 - 2015-01-08 22:28 - 00000000 ____D () C:\ProgramData\Big Fish2015-01-08 22:12 - 2015-01-21 23:29 - 00000000 ____D () C:\BigFishCache2015-01-08 22:12 - 2015-01-08 22:28 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\Big Fish2015-01-02 15:13 - 2015-01-02 15:13 - 00000000 _____ () C:\Users\Joshy poo!\Desktop\New Text Document.txt==================== One Month Modified Files and Folders =======(If an entry is included in the fixlist, the file\folder will be moved.)2015-01-22 03:53 - 2013-04-04 17:00 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\uTorrent2015-01-22 03:21 - 2013-04-05 15:00 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2015-01-22 03:07 - 2014-05-09 07:22 - 01658534 _____ () C:\windows\WindowsUpdate.log2015-01-22 03:02 - 2013-03-28 17:21 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1011432725-1684852032-1684055089-10012015-01-22 03:02 - 2012-07-26 08:12 - 00000000 ____D () C:\windows\system32\sru2015-01-22 02:59 - 2014-05-09 00:05 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2015-01-22 02:47 - 2013-04-05 15:00 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2015-01-22 02:30 - 2014-10-10 20:31 - 00000436 _____ () C:\windows\system32\Drivers\etc\hosts.ics2015-01-22 02:29 - 2012-07-26 07:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-01-22 00:50 - 2014-04-08 14:32 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-01-22 00:03 - 2014-05-09 19:14 - 00462972 _____ () C:\windows\PFRO.log2015-01-22 00:03 - 2014-04-11 23:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2015-01-21 23:54 - 2013-09-25 01:38 - 00000000 ____D () C:\ProgramData\BitGuard2015-01-21 23:39 - 2013-05-05 10:52 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update2015-01-21 23:38 - 2014-04-12 15:17 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\PerformerSoft2015-01-21 23:35 - 2014-04-11 23:16 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2015-01-21 23:35 - 2014-04-11 23:16 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk2015-01-21 23:35 - 2013-08-25 16:13 - 00002317 _____ () C:\Users\Joshy poo!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk2015-01-21 23:35 - 2013-04-05 15:01 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-01-21 23:35 - 2013-03-28 17:15 - 00001445 _____ () C:\Users\Joshy poo!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2015-01-21 23:30 - 2014-07-08 13:56 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v22015-01-21 23:24 - 2013-03-28 20:19 - 00000960 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011432725-1684852032-1684055089-1001UA.job2015-01-21 23:20 - 2014-04-08 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-01-21 23:20 - 2014-04-08 14:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-01-21 22:23 - 2013-11-16 12:20 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Local\CrashDumps2015-01-21 20:25 - 2013-04-05 00:00 - 00000000 ____D () C:\Users\Joshy poo!\AppData\Roaming\vlc2015-01-21 20:24 - 2013-03-28 20:19 - 00000938 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1011432725-1684852032-1684055089-1001Core.job2015-01-21 20:21 - 2014-06-12 18:38 - 00387527 _____ () C:\windows\setupact.log2015-01-21 20:14 - 2012-07-26 08:12 - 00000000 ____D () C:\Program Files\Common Files\System2015-01-19 05:11 - 2014-08-27 01:37 - 00000000 ____D () C:\windows\rescache2015-01-19 03:48 - 2012-07-26 05:26 - 00262144 ___SH () C:\windows\system32\config\ELAM2015-01-17 19:33 - 2012-07-26 05:26 - 00262144 ___SH () C:\windows\system32\config\BBI2015-01-17 19:32 - 2012-07-26 08:12 - 00000000 ____D () C:\windows\system32\en-GB2015-01-17 19:29 - 2013-08-10 22:35 - 00000000 ____D () C:\windows\system32\MRT2015-01-17 19:29 - 2013-04-04 15:03 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe2015-01-16 19:45 - 2013-07-10 15:04 - 00000000 ____D () C:\Users\Joshy poo!\Downloads\Films2015-01-16 19:38 - 2012-07-26 07:28 - 00848056 _____ () C:\windows\system32\PerfStringBackup.INI2015-01-15 19:49 - 2014-02-14 14:47 - 00000000 ____D () C:\Users\Joshy poo!\Documents\Stuffy stuff2015-01-15 19:49 - 2013-06-21 14:02 - 00000000 ____D () C:\Users\Joshy poo!\Documents\Short Film Scripts2015-01-14 19:13 - 2012-07-26 07:59 - 00000000 ____D () C:\windows\CbsTemp2015-01-13 20:59 - 2014-05-09 00:05 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2015-01-08 22:30 - 2012-12-21 04:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2015-01-05 23:28 - 2014-12-15 03:36 - 00714176 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe2015-01-05 23:28 - 2014-12-15 03:36 - 00106440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl2015-01-05 01:19 - 2012-07-26 08:12 - 00000000 ____D () C:\windows\system32\NDF2014-12-23 04:53 - 2013-04-07 04:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15==================== Files in the root of some directories =======2014-09-01 08:18 - 2014-09-01 08:18 - 0002086 _____ () C:\Users\Joshy poo!\AppData\Roaming\JGVG2014-09-01 08:18 - 2014-09-01 08:18 - 0001248 _____ () C:\Users\Joshy poo!\AppData\Roaming\JMKWY2015-01-21 20:12 - 2015-01-21 20:12 - 0000078 _____ () C:\Users\Joshy poo!\AppData\Roaming\Selection Tools.installation.log2013-05-28 16:47 - 2013-05-28 16:48 - 0001167 _____ () C:\Users\Joshy poo!\AppData\Roaming\trace_FilterInstaller.1.txt2013-05-28 16:47 - 2013-10-30 19:45 - 0000905 _____ () C:\Users\Joshy poo!\AppData\Roaming\trace_FilterInstaller.txt2013-05-28 16:47 - 2013-10-30 19:45 - 0000000 _____ () C:\Users\Joshy poo!\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt2015-01-21 21:21 - 2015-01-21 21:21 - 0000044 _____ () C:\Users\Joshy poo!\AppData\Roaming\WB.CFG2015-01-21 20:09 - 2015-01-21 20:09 - 0000097 _____ () C:\Users\Joshy poo!\AppData\Roaming\WOffer.boostrap.log2014-09-01 08:18 - 2014-09-01 08:18 - 0001248 _____ () C:\Users\Joshy poo!\AppData\Roaming\WXPZA2014-09-01 08:18 - 2014-09-01 08:18 - 0002086 _____ () C:\Users\Joshy poo!\AppData\Roaming\YEUEF2015-01-21 21:40 - 2015-01-21 21:40 - 0628496 _____ (CMI Limited) C:\Users\Joshy poo!\AppData\Local\nsb620A.tmp2015-01-21 21:44 - 2015-01-21 21:44 - 0613057 _____ (CMI Limited) C:\Users\Joshy poo!\AppData\Local\nsq3188.tmp2015-01-21 20:25 - 2015-01-21 20:25 - 0613057 _____ (CMI Limited) C:\Users\Joshy poo!\AppData\Local\nsuC946.tmp2015-01-21 23:38 - 2015-01-21 23:38 - 0001732 _____ () C:\ProgramData\tempimage.bmpZeroAccess:C:\Users\Joshy poo!\AppData\Local\Google\Desktop\InstallZeroAccess:C:\Program Files (x86)\Google\Desktop\InstallFiles to move or delete:====================C:\Users\Joshy poo!\jagex_cl_runescape_LIVE.datC:\Users\Joshy poo!\random.datSome content of TEMP:====================C:\Users\Joshy poo!\AppData\Local\Temp\5F67465C-2088-7A12-D348-FE5BBEA15209.exeC:\Users\Joshy poo!\AppData\Local\Temp\9696F194-FBAC-E12D-6210-9B43FAFCA97D.dllC:\Users\Joshy poo!\AppData\Local\Temp\9696F194-FBAC-E12D-6210-9B43FAFCA97D.exeC:\Users\Joshy poo!\AppData\Local\Temp\amt_mystartsearch.exeC:\Users\Joshy poo!\AppData\Local\Temp\APNSetup.exeC:\Users\Joshy poo!\AppData\Local\Temp\SpOrder.dllC:\Users\Joshy poo!\AppData\Local\Temp\sysad.exeC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite10156.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite10436.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite12053.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite12513.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite12678.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite12701.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite12774.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite12849.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite12938.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite13053.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite13298.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite13385.dllC:\Users\Joshy poo!\AppData\Local\Temp\System.Data.SQLite13713.dllC:\Users\Joshy poo!\A

- Collapse -
(NT) Again, please preview your posts.
Jan 22, 2015 12:07AM PST