APSDameon.exe system error and other PC problems

L

Lukee12

Member
Hi, I have recently started to see a few problems occurring on my desktop computer. I don't know if they are all related but I would like to try to sort them out.
To start with, Firefox is running very slowly, and an unresponsive script error is coming up every time i start it:

"A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.

Script: http://cdncache-a.akamaihd.net/load...366&pid=1602&zoneid=427655&ext=Video Player:6 "

Furthermore, I also have received an error message from APSDaemon.exe which says:

"The program can't start because MSVCR80.dll is missing from your computer..."

I receive the SAME message when i try to start Itunes. Also, despite having an ad blocker on my pc and on Firefox, i keep getting windows popping up, and links where they shouldn't be any.

To try to resolve this i have installed spybot, adaware and adblocker which has helped a bit, but i'm still having some problems. I have AVG Antivirus installed

Any assistance with all/any of these issues would be much appreciated!

Thanks
 
Last edited:
Please run the following.

1.

Please download AdwCleaner by Xplode onto your Desktop.



•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Scan.
•After the scan you will need to click on clean for it to delete the adware.
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2.

Please download Junkware Removal Tool to your desktop.

•Shutdown your antivirus to avoid any conflicts.
•Very important that you run the tool in this manner:
Right-mouse click JRT.exe and select Run as administrator
Do NOT just double-click it.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt in your next message.

3.

Please download Malwarebytes' Anti-Malware and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.

Please post the log that Malwarebytes displays on your screen.

4.

Download OTL to your Desktop


•Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
•Click on Minimal Output at the top
•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.

So in your original thread asking for help, please give us a short description of what the problem is and then post the logs from the following 4 programs.

1. Adwcleaner
2. Junkware removal tool
3. Malwarebytes
4. OTL
 
Ok; here are the complete set of logs:

1) AdwCleaner - Downloaded but now when i try to open it, it says i need a new version which i can't download.

2) JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Luke on 27/01/2014 at 23:28:02.18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] webupdater
Successfully deleted: [Service] webupdater



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\vafplayer
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1046449433-2006701453-3206613784-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{211C1880-59C6-4215-8E49-2821A2C5BB3C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{559BF0F9-E040-8574-5CCD-5D6B87DF105A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1D32A4-1C65-439B-ADAC-C39C07064C2E}



~~~ Files

Successfully deleted: [File] "C:\Users\Luke\appdata\locallow\SkwConfig.bin"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Luke\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Luke\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{00355AD6-B819-4A5C-A7B2-7B0A78C3BEF8}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{01E8E7F9-2DFE-402F-A683-28E358680559}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{0225D040-9CEF-4ED1-8404-87CA1CB04E33}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{0436E1D7-08DF-4064-8813-8CA6B307773B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{099B49F7-272E-4057-B706-3A435B05EF15}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{09C8721A-7678-4639-8A29-18EDDE4B3A06}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{0A6E7E95-AC5D-4779-AEAA-93658E9C34F2}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{0A8D53C7-1EE5-4787-95A9-A7B93D61C314}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{0AED3969-CD7B-4DA1-A6C5-7BFDE5B9DAEE}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{0B80A937-82F3-46B3-90D0-5B28719DCCDF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{0D06EF32-A862-4212-B745-6FE5832ED807}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{0DE9D2A5-8743-472C-847E-44C73AEB5870}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{101C1F83-6E27-49FC-BB32-8B2F775302AF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{10348B11-3F04-43BC-BBFC-8D896195AB95}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{12CEF1BE-7052-434C-BB17-2D183B57C887}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{144F295B-8973-4168-8F79-CA24B5D5352D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{15C1BB48-34BF-49CB-98A8-ABC05BDD93D4}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{185EB185-DD53-4A4A-BE4D-4D4298F47B82}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{189DCE9C-0AE0-4F75-A549-0E4C7A6D21DB}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{18B31EFD-4B91-4B8E-B7D1-C95D017EED05}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{1AA9D788-3063-4A19-BE9F-137AF120E7F0}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{1BDB1DC2-578C-45F0-8A90-AD34F8730393}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{1CA2D7FB-C776-4DB0-AF73-449BA72D6A0A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{1DDCB7EF-7AF1-4F72-A992-34B55DF32419}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{1F655A76-3361-4C66-93E3-6973B79DA2BC}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{1FACD25C-4706-460D-8964-B96D1AAC8F21}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{24CD935E-71FE-443D-8BD2-40E34EB61F19}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{24E9F0DF-5C4C-49A1-849C-25C13535DF76}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{25418E82-6684-4963-BA78-C70961308DE4}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{2B3E0812-D652-4E0E-BE3F-14D30B7BD3A3}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{2BB8536A-0A0C-4AD1-948B-0EBEEE982E5E}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{2CB23331-4303-4563-B692-6C6DD46BBA9C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{2CECC431-AE7E-4A87-B47F-B9D1CA2528D2}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{2EC198FA-D544-44AD-88CE-B213A78D7BBF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{2FFAE405-AE17-4A43-9893-80B6A4C0F6C1}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{311D722F-2311-4A4F-BA63-26D0D5CD7008}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{31556D5B-7B05-4511-8241-11800ACF230D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{31D82693-79E0-4062-AD5F-D9FEFE6739AA}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{32006C06-AB6B-4BEB-AADB-74570A4F12EF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{3482EE72-C294-44D3-BED6-C66847773D7C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{34D77A26-7F09-4444-9D92-56F2BA31BFF8}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{3569E4BB-3E71-402B-A85C-146F4D2F4168}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{35D9777B-51B5-4945-B148-1A465AFCC5F3}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{35FBBC5B-E22B-426F-B140-0059BE4CAA35}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{36B0DACC-55C5-4BED-A567-969F4F1BFA6B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{36B68A52-31C1-4FF0-B07F-9803EEF2BEEA}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{385BE10D-97A0-4426-B884-D5078D488EC2}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{387FFBC4-D4A7-4948-8C6A-745C3B421D4F}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{397D84DA-ECB2-490F-B506-5B44CFF934EC}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{3B4239B7-837D-4A86-B22A-EDD3BDAC2546}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{3DA98150-E0D3-4204-95B0-EB4189B87AC3}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{3F4802D0-60C8-4FD5-AF92-017D70E2401F}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{40F82170-0CEE-42A3-9BDB-C8EB5378F268}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4146D4B6-CBAB-4A9F-A5BA-94335176CF75}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{44D27F12-96B4-4264-A507-1C0808FE16D1}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4675DCC3-5B61-401D-882F-B82EAAECE135}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4746CA63-C470-4F8C-BFDD-4B06F2C31AE4}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4965E8D2-82D7-4C15-96AF-31A4736C5B3E}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4C4C3F94-85F4-4388-A038-0A4860DA1BC3}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4CA8C049-E340-42DC-878F-98F585A47352}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4CDF7393-E31D-40DD-BBBF-F9C145C07D29}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4D628DDE-5422-41A2-98BE-718B1B4BEB03}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4E7C6D53-EEA5-405C-841C-CA5B057C502E}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4E856200-EDED-4C0A-A033-E0989D7BC4C2}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4E9C8D10-C31F-499F-808E-85536E7F2E41}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{4FC5135B-94C7-4ABA-B30F-BBA60F253261}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{513AE827-17A8-4BAE-96E3-3FCD21DC6537}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{52ACD840-92E3-4A39-AD02-21A13824E707}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{52CCB89F-B4A3-48E8-ABAA-37D619DE3C86}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{53318444-1812-49AF-BF09-72CFB8B5959A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{536A5CF1-64A1-4C00-BACC-7CBE807C7AC6}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{56B03DF8-1333-491C-B992-3B939B104157}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{56D5F5E7-EF65-4179-8503-1EC0ACE06F47}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{57D48E73-C892-471E-9C41-922876FE5221}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{58ADE887-5235-46C8-85B8-8AAB4F0E7CBC}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{58E2802A-5F0A-4E6A-8A21-EF31DD83F64D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{5AFD052D-79F3-4372-B623-988217D30F76}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{5BA1C9FE-92C3-4B5F-AC7D-543925BE69D7}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{5C09FF52-14AC-4F29-B6F8-00A61B019030}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{5D9AA75D-71B4-457F-99E0-FFC7B2389C0C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{5E4E9FD7-607E-4127-98DE-C6D02FD26B87}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{5E573A4E-C6BD-4FCD-BA7E-F4185D3419CA}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{5EE7FE7A-B169-43D8-B5F8-056CB304593F}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{5F77FF3E-1462-460E-86CD-7F84B5A7005D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{61703A76-D817-4A1F-ABEC-890CD06CDA13}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{63C69124-65AB-493E-A8B6-90FF34A2169E}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{64C23F68-5878-40BB-BA61-19DDF9DE8217}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{654F3D9E-8AC1-416F-9E2D-7C7D5BCBA431}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{657B270D-8726-4206-8826-46F1FCF35B18}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{65D5DA64-626A-46DE-9A91-6616ED1FE627}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{68C09430-B4F7-462E-9706-8EA2DDF34C51}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{68FF8055-A4C2-4A46-82BA-2CD09F68444C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{6AA18491-C14F-41F2-A53D-7EFA539FB831}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{6D844ED1-1698-4D69-B1E4-CBAF6DF9D426}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{6D916889-E236-416A-B977-52A35A01240B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{705A776B-7D09-4C20-829A-E1CB48E534E5}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{72CD5C5A-86FC-41A2-8A50-48135236A8B3}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{73D9D597-5FD6-4FC5-9816-0A3171DB0F5C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{76623D4D-49B4-41BE-AB10-9D8A7F01B2B6}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{7922D951-FC46-45D2-A631-CC1D5ADE8A95}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{797BA2DA-FB69-4FE7-AF73-7A4035FFA5F2}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{7A28FC60-0ED8-4C68-B506-308F5FF5F3FF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{7AC1F406-3CD2-4BBA-AD87-9582DAA590DF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{7B34E2E8-C0A9-4ED9-B612-2E752C65FCEB}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{7BACD30E-2C6A-48A7-BDE7-62E2B8F7F291}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{7D5B17CE-2AC0-45D8-8369-2CD11B942C49}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{7F24338C-7C3D-43B2-984A-5C6BA18884D4}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{80781DF1-B448-462F-B31A-09E6A9A62ACC}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{80799E61-6DEF-40D5-95DF-BA29F779F79D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{8213D0C2-C539-4B9E-8F06-96147302C12A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{84D1B847-A9A5-43F0-B543-1DBE74C6FEBE}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{857EED15-5BDF-409F-915F-A3A44E5D2A71}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{86DC71BE-3BC1-4A07-855D-83E1112A06DF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{870AE3CD-294B-4B3F-B516-8C75BA1CB51D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{87877FDF-D164-4DEF-B949-64C0609F6627}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{88C4BC74-4791-4340-A638-F22502C4DED5}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{88D220B3-043F-4E96-A66E-DA5C487D8437}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{8A3D63D3-A356-40FA-8FE8-0780C313CE46}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{8E0A86D6-602E-45C8-B214-308554812A7C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{911B7949-A0F4-4CA1-9E40-F0E43402E023}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{91A51C3C-6145-449B-BED2-1EC7D8F48B5A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{92502106-DA21-4B6F-959B-CD5ED1B0146C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{93853B8D-39D1-4646-821B-14FE524CF78B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{965414D0-7F6D-494A-8C26-77131F867771}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{97A2E43A-47C8-4D13-9485-F2D6D9962023}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{98056B31-A908-4D29-B96D-377B00F01621}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{98ECA99B-C215-4836-8B99-5DB8BBBF95D1}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{9B4E8A9B-B699-4F44-91BE-645C47D09194}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{9B6207D6-F4E3-428B-8747-5A3DF3FBCF14}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{9C249CE5-80F9-4B98-9CDA-7238D530D535}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{9CAB8CD5-97DD-4999-932D-DE3A8A4FC6EF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{A195C0A7-2D36-46FA-A21F-7D686AC44E4A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{A288AFD0-8CB3-4FB1-9367-211E790133AD}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{A6A00908-7ED5-41AF-BC6B-35A150DD0F38}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{A7C8769E-1C76-48C5-8447-2D09CCFDCE38}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{A7EFE270-7FBA-45E7-84D1-B169F75F3E77}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{A8489705-B21E-40DF-8D55-760E091F3D75}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{AA627ECE-D473-4FED-A190-F19E123E4C8E}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{AB1CB47F-802D-431B-A1CB-04338ABDCF29}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{AB421789-F822-412D-A4F3-6AA1333BC4E4}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{ABDFC166-EF82-4CA0-A7A2-669032E67FF9}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{AC23F700-302D-438E-8A4C-B1B88336FD51}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{ACB46E0A-350F-4483-B7CD-D8275FC57EC9}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{AE36A202-E2F9-44A6-BC1C-C3BF2126DF87}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{B284876A-76E9-49B5-8BBB-C6B11808ADF2}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{B36E582E-480E-4EB3-B5A2-3441F6BE7980}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{B4F98EF5-4BFD-4D64-84B7-0622293F0C2A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{B5B0E1BD-A4BE-475C-A1D6-5F63E42AABA5}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{B7A7A1C0-81BA-43A1-83B4-AAFD067A5545}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{B88CBD5C-46EC-4331-9139-0ACC20EC2468}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{B9830570-1C47-46EF-933F-6D64FAAEB9EF}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{BA52E233-A161-4A00-84EE-DE4E747D76AC}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{BA71A957-6273-4BA4-A052-22AC50433010}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{BB2A83F2-345F-4171-98AF-076C91BE3C2A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{BBDE3378-4DB5-4836-B76E-EE5000C93964}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{BEC4600F-5DD8-44E6-A9F4-1194E96AC66D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{C1BA2F85-5C20-4D50-B04B-D3074B3D4A86}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{C4221CAC-EE80-44B2-8A7C-56058CEC56E5}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{C48E31BB-FFE4-4981-BBB7-C2F1D13C155F}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{C4D41F1B-D387-4732-A6F4-67E6658CD67A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{C5654CA3-D4D7-4A38-9D3A-A800D2BFCFE1}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{C7D17149-ABB8-42EC-873A-2C8AAA7A1477}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{C884C76C-9C4E-45EB-A8FB-AEA371A426E3}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{CB69DC35-B82B-423E-9C12-839130AC329A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D0796612-6E4B-41F5-B000-4D97D5770B5B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D10F9E23-2FE7-47CF-90A5-B6C3DA4CC01D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D20CE6EA-898B-4033-8067-A83506C76D17}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D2DDE025-314F-4473-B17D-A8743B23DB9A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D40AC86C-5356-4833-A423-3A0D45077A4C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D47B6183-014F-4D8F-89BA-97CDA8686F85}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D4FC822B-BEE8-4113-9FED-83D3B0803648}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D5C28C6F-FA3A-4843-8EA8-DC2C11A7F9B7}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D5CE3E94-82B9-40D4-93D8-A36C6CC58249}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D6B6CE0D-58B8-45EC-B9F9-D5E8975E06D2}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D77BA5F4-F925-4BBF-AE87-B7153CE85DB4}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D8693E62-EAB0-4163-B3C8-4B3F9D80272B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D877B233-2EEA-4F48-957C-A48FA9567DE1}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{D9DF5C0D-1E58-4C74-892C-75976151054F}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{DB289790-BFC4-46FD-AC4C-007E1F04C069}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{DB2E0B2A-1DE3-4486-BAA5-E5BC32CB6134}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{DCD179CF-DC4B-4A73-9AC4-0EA1958629A1}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{DE3ACE49-DF4E-4475-8FE2-1DF02EAD9A9A}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{DF1B4174-49E7-4B4C-AD23-5CA60373103D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{DF807C67-BA8A-4AFA-A8C2-721CA7B96A56}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E06306A7-AF7F-44F2-98B5-DE030E88847B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E0A5CA5A-96E0-4B69-BD47-3F405861571B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E15DBC19-88F1-4BBC-B61F-9A84AF8D63B9}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E29EB804-8301-43FA-868B-9F82E505AB3B}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E30EA04B-264F-473C-9575-8B67BCD04D97}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E40F6215-5055-4256-AA80-59B010A80A82}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E4E2323C-6AC4-4C7E-8160-B34414613885}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E62A2E25-3B40-40F7-B688-9A236FF05906}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E669B3E0-C0CE-4414-8CC2-5AC8FAF0B221}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E6D69E58-F223-47AF-82E8-D90FB75966D0}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E72E712C-F634-4AF6-8621-912B96AEBD3C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E88EF3A9-B3D3-43AA-8856-7B49E17C498C}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E8ACB661-D914-4753-849A-FD230E2B66AD}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E8B56DD2-0C13-4746-9A47-73D406B77F06}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E930E8DB-3EC2-48BD-8C29-772A78A6ABDE}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{E9C1E943-A416-4A97-BAC6-EA6F1723B8B9}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{EAF3B863-9ACB-4CFF-BCB1-90678DD075F4}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{EB3C36C3-A797-4EF5-920E-C2A059DCED55}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{EBBA98B7-B46D-4617-B40D-25191C790009}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{EC25145A-3878-4876-BDF8-F6298D4AD782}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{EDBE74CD-1C7B-4D4A-AE97-53F774DEBA17}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{EE4BF44A-0F44-4646-B5BC-2F4A0A56D89F}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{EEB46B88-F648-453D-985E-756F6B464D88}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{F1432215-994C-4E7D-87C0-7A18EFF439F5}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{F346C920-0360-49C8-9D60-F699E3210D11}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{F49C9888-E488-4867-9E2A-752E1D27A800}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{F5C0BF89-233F-4880-8910-ADA050E8828E}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{F6AAB45B-1E2B-4765-93A6-6F30F978FCAB}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{F80639C3-55A7-4B48-8A1C-EE30C2B915E2}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{FA57CA20-A843-443F-BFBB-12EF2D54E7CD}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{FAF7853E-2CE3-421B-95A5-DA4C113B8ABA}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{FDF00305-27E1-40D1-8D2F-1BB99676606D}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{FEF17152-B7C3-49C7-959E-374EBFBFE7AA}
Successfully deleted: [Empty Folder] C:\Users\Luke\appdata\local\{FF68551A-AA7A-48C2-9F54-7C3BBF08D2EC}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Luke\AppData\Roaming\mozilla\firefox\profiles\a8t3yiot.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Emptied folder: C:\Users\Luke\AppData\Roaming\mozilla\firefox\profiles\a8t3yiot.default\minidumps [282 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/01/2014 at 23:44:19.76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


...to be continued...
 
3)Malwarebytes:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.27.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Luke :: LUKE-PC [administrator]

28/01/2014 17:56:37
mbam-log-2014-01-28 (17-56-37).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 477827
Time elapsed: 2 hour(s), 6 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (PUP.Optional.Amonetize) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 12
C:\Users\Luke\AppData\Roaming\player (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.10.0 (PUP.Optional.Delta.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\CT3072253 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\CT3072253\xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\ct3289847 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\ct3289847\xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\ct3289847\xpi\defaults (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Temp\ct3289847\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> No action taken.

Files Detected: 72
C:\AdwCleaner\Quarantine\C\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe.vir (PUP.Optional.SweetPacks.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\IEClient.dll.vir (PUP.Optional.BrowseFox.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir (PUP.Optional.SweetPacks) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> No action taken.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\WhiteSmoke_New\WhiteSmoke_NewToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Local\Conduit\CT3289847\WhiteSmoke_NewAutoUpdateHelper.exe.vir (PUP.Optional.Conduit.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Local\SwvUpdater\Updater.exe.vir (PUP.Optional.Amonetize.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe.vir (PUP.Optional.DigitalSites.A) -> No action taken.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta6761\uninstall.exe (PUP.Optional.Amonetize) -> No action taken.
C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9B2OOBHP\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9B2OOBHP\WhiteSmoke_New_wpf[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7FGPFRC\mgsqlite3[1].7z (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7FGPFRC\setup__155[1] (PUP.Optional.Amonetize.AS) -> No action taken.
C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7FGPFRC\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U7FGPFRC\WhiteSmoke_New[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VEFJL74H\pack[1].7z (PUP.Optional.BProtector) -> No action taken.
C:\Users\Luke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZB96MPCN\19[1].7z (PUP.Optional.BProtector) -> No action taken.
C:\Users\Luke\Downloads\DownloadSetup.exe (PUP.Optional.OneClickDownloader.A) -> No action taken.
C:\Users\Luke\Downloads\iLividSetup-r418-n-bf(1).exe (PUP.Optional.Bandoo) -> No action taken.
C:\Users\Luke\Downloads\iLividSetup-r418-n-bf.exe (PUP.Optional.Bandoo) -> No action taken.
C:\Users\Luke\Downloads\Updater_Setup.exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Windows\Installer\e0b3a.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\playlist.vpl (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\config.ini (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_103.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_11.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_120.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_121.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_122.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_123.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_124.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_125.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_126.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_127.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_136.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_137.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_140.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_141.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_149.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_150.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_160.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_165.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_181.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_191.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_193.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_199.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_200.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_201.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_204.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_219.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_221.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_224.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_268.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_28.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_34.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_37.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_49.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_57.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_86.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\AppData\Roaming\player\images\channel_ld_99.png (PUP.Optional.VPLMedia.A) -> No action taken.
C:\Users\Luke\Downloads\FlashPlayer_V.46620646b.exe (Adware.DomaIQ) -> Quarantined and deleted successfully.
C:\Users\Luke\Downloads\FlashPlayer_V.98382894b.exe (Adware.DomaIQ) -> Quarantined and deleted successfully.

(end)

4) OTL:
OTL logfile created on: 28/01/2014 23:11:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luke\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.24 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 30.51% Memory free
6.48 Gb Paging File | 3.90 Gb Available in Paging File | 60.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.81 Gb Total Space | 30.10 Gb Free Space | 10.42% Space Free | Partition Type: NTFS

Computer Name: LUKE-PC | User Name: Luke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Luke\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Users\Luke\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
PRC - C:\Program Files (x86)\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
MOD - C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Users\Luke\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll ()
MOD - C:\Users\Luke\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll ()
MOD - C:\Users\Luke\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll ()
MOD - C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (LavasoftAdAwareService11) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe ()
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (pcCMService64) -- C:\Program Files\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
SRV:64bit: - (lxcg_device) -- C:\Windows\SysNative\lxcgcoms.exe ( )
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (pcCMService) -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\drivers\RapportKE64.sys (Trusteer Ltd.)
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (MREMP50a64) -- C:\Program Files\Common Files\Motive\MREMP50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (MRESP50a64) -- C:\Program Files\Common Files\Motive\MRESP50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (rt61x64) -- C:\Windows\SysNative\drivers\netr6164.sys (Ralink Technology, Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.)
DRV:64bit: - (lvpepf64) -- C:\Windows\SysNative\drivers\lv302a64.sys (Logitech Inc.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (Trusteer Ltd.)
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (Trusteer Ltd.)
DRV - (RapportCerberus_59849) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys ()
DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{559BF0F9-E040-8574-5CCD-5D6B87DF105A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1QzutDtD0AtC0BtDzytBtAtC0EzytDyByE0EtN0D0Tzu0CyDzytDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=1100530769&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{211C1880-59C6-4215-8E49-2821A2C5BB3C: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1QzutDtD0AtC0BtDzytBtAtC0EzytDyByE0EtN0D0Tzu0CyDzytDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1R1F1F1I1H1B1Q&cr=1100530769&ir=
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r=360
IE - HKCU\..\SearchScopes\{6510EC5A-D035-4558-86AD-33258FCB84AC}: "URL" = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.gobrs.com/search/?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&rls=sJe8iVXZ
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=714647"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "http://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: ext%40VideoPlayerV3beta6761.net:1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Luke\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta6761\ff [2014/01/14 22:03:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/19 21:46:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/19 21:46:28 | 000,000,000 | ---D | M]

[2010/01/08 20:24:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luke\AppData\Roaming\Mozilla\Extensions
[2014/01/27 23:42:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\a8t3yiot.default\extensions
[2014/01/17 20:34:38 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\a8t3yiot.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010/08/24 19:15:25 | 000,002,197 | ---- | M] () -- C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\a8t3yiot.default\searchplugins\google-search.xml
[2013/09/19 13:04:35 | 000,000,921 | ---- | M] () -- C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\a8t3yiot.default\searchplugins\yahoo.xml
[2013/12/11 23:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/11 23:19:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/11 23:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/11 23:19:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/11 23:19:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/14 22:03:14 | 000,000,000 | ---D | M] (Video Player) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA6761\FF

========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://uk.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=714647&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms},
CHR - homepage: http://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ch
CHR - Extension: Video Player = C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbpflimfpgmibhioifcfiplkhpciejg\1.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Google Wallet = C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\CyberLink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Luke\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Luke\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54593760-35A3-4D40-B143-A5B107655525}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{110a56f7-02e6-11df-9be1-002268816de3}\Shell - "" = AutoRun
O33 - MountPoints2\{110a56f7-02e6-11df-9be1-002268816de3}\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\{535d7356-09fb-11e1-a581-002268816de3}\Shell - "" = AutoRun
O33 - MountPoints2\{535d7356-09fb-11e1-a581-002268816de3}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/28 16:43:45 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\adawarebp
[2014/01/27 23:47:23 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Malwarebytes
[2014/01/27 23:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/27 23:47:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/27 23:47:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/27 23:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/27 23:27:56 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/26 20:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/01/26 20:19:14 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/01/26 20:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/01/26 20:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/01/26 20:18:51 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\Programs
[2014/01/26 20:18:29 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Lavasoft
[2014/01/26 20:17:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/01/26 20:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/01/18 22:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/01/18 22:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2014/01/18 22:51:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2014/01/18 22:48:54 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\LavasoftStatistics
[2014/01/18 22:47:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/01/18 21:50:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/14 22:02:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoPlayerV3
[2014/01/09 02:22:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/01/03 11:47:44 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\Yahoo!
[2014/01/01 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\AVG2014
[2014/01/01 22:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014/01/01 22:57:56 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Roaming\TuneUp Software
[2014/01/01 22:53:14 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014/01/01 22:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014/01/01 22:49:15 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\MFAData
[2014/01/01 22:49:15 | 000,000,000 | ---D | C] -- C:\Users\Luke\AppData\Local\Avg2014

========== Files - Modified Within 30 Days ==========

[2014/01/28 23:16:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/28 22:40:00 | 000,018,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/28 22:40:00 | 000,018,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/28 22:34:11 | 000,002,312 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/01/28 22:30:38 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/28 22:29:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/28 22:29:27 | 2608,734,208 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/28 20:23:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/28 19:18:04 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1046449433-2006701453-3206613784-1001UA.job
[2014/01/27 23:47:14 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/26 20:19:18 | 000,001,390 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/01/19 22:18:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1046449433-2006701453-3206613784-1001Core.job
[2014/01/18 22:22:28 | 000,370,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/09 02:21:40 | 407,804,016 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/01 22:57:57 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/01/01 22:45:38 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/01 22:45:38 | 000,664,548 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/01 22:45:38 | 000,125,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2014/01/27 23:47:14 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/26 20:19:18 | 000,001,402 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/01/26 20:19:18 | 000,001,390 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/01/18 22:53:57 | 000,002,312 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/01/09 02:21:40 | 407,804,016 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/01/01 22:57:57 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013/08/13 00:49:09 | 000,061,963 | ---- | C] () -- C:\Users\Luke\AppData\Local\BostonMarketOne.crx
[2013/08/05 00:49:12 | 000,059,145 | ---- | C] () -- C:\Users\Luke\AppData\Local\RealSummerSale.crx
[2013/07/26 23:49:02 | 000,000,128 | ---- | C] () -- C:\Users\Luke\AppData\Roaming\WB.CFG
[2013/07/09 23:49:03 | 000,000,005 | ---- | C] () -- C:\Users\Luke\AppData\Roaming\WBPU-TTL.DAT
[2013/03/31 12:29:08 | 000,764,774 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/19 22:36:42 | 041,646,518 | ---- | C] () -- C:\Program Files (x86)\Monkey Island 1 & 2 (+music) - ScummVM.zip
[2011/01/05 09:42:47 | 000,001,940 | ---- | C] () -- C:\Users\Luke\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/13 18:53:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/02 23:54:52 | 000,000,554 | ---- | C] () -- C:\Users\Luke\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/01/27 21:55:08 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\AVG10
[2014/01/01 22:58:40 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\AVG2014
[2010/01/16 21:37:05 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\DAEMON Tools Pro
[2011/11/23 16:38:27 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Dropbox
[2010/05/06 14:59:11 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\EscapeTheMuseum2
[2010/01/26 21:10:52 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\LucasArts
[2011/03/07 18:22:18 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\OpenOffice.org
[2013/10/01 22:45:30 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Outlook
[2013/03/31 12:30:09 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\player
[2010/03/09 23:54:57 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Sports Interactive
[2010/12/14 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Spotify
[2010/02/02 23:54:56 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\Template
[2013/04/15 21:45:43 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\The Longest Journey
[2010/01/08 18:00:56 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\The TechGuys
[2014/01/01 22:57:56 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\TuneUp Software
[2013/10/20 21:14:39 | 000,000,000 | ---D | M] -- C:\Users\Luke\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >



....Hope that's everything! I'll try to get the ADWcleaner sorter
 
When running malwarebytes did you click on the remove selected button? Your log shows nothing was actually removed.

What do you mean you can't download the new version of adwcleaner?
 
Hi,
Yes sorry i removed everything afterwards. What i mean is, every time i try to download or run adwcleaner using the link it tells me it needs updating, takes me to a website, and once there i cannot find a link to download a more recent version. I have run the program i just didn't copy the log at the time
 
Ok, that worked...i have the log here:

# AdwCleaner v3.018 - Report created 29/01/2014 at 18:46:56
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Luke - LUKE-PC
# Running from : C:\Users\Luke\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\a8t3yiot.default\prefs.js ]


-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [28221 octets] - [18/01/2014 21:50:19]
AdwCleaner[R1].txt - [2390 octets] - [27/01/2014 23:15:46]
AdwCleaner[R2].txt - [1629 octets] - [29/01/2014 18:43:23]
AdwCleaner[S0].txt - [27366 octets] - [18/01/2014 22:17:39]
AdwCleaner[S1].txt - [2491 octets] - [27/01/2014 23:18:02]
AdwCleaner[S2].txt - [1556 octets] - [29/01/2014 18:46:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1616 octets] ##########
 
Are you still having the same issues? I'm at work right now and will reply back later when I get home.
 
Lets do this.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
  • Download this file here :

    Combofix

  • When the page loads click on the blue combofix download link next to the BleepingComputer Mirror.
  • Save the file to your windows desktop. The combofix icon will look like this when it has downloaded to your desktop.

    cf-icon.jpg
  • We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:

  • Close all open Windows including this one.
  • Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these type of programs can be found here.
    Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
  • Please click on I agree on the disclaimer window.
  • ComboFix will now install itself on to your computer. When it is done, a blue screen will appear as shown below.

    cf-preparing.jpg

  • ComboFix is now preparing to run. When it has finished ComboFix will automatically attempt to create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then backup your Windows Registry as shown in the image below.

    erunt.jpg

  • Once the Windows Registry has finished being backed up, ComboFix will attempt to detect if you have the Windows Recovery Console installed. If you already have it installed, you can skip to this section and continue reading. Otherwise you will see the following message as shown below:

    recovery-console-prompt.jpg

  • At the above message box, please click on the Yes button in order for ComboFix to continue. Please follow the steps and instructions given by ComboFix in order to finish the installation of the Recovery Console.
  • Please click on yes in the next window to continue scanning for malware.
  • ComboFix will now disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
  • ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  • While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan. An example of this can be seen below.

    still-scanning-clockchanges.jpg

  • When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
  • This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
  • When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically for you.
  • Now you just click on the edit menu and click on select all, then click on the edit menu again and click on copy. Then come to the forum in your reply and right click on your mouse and click on paste.

If for some reason, if you try to run a program or open a file and you get an error message saying "illegal operation attempted on a registry key that has been marked for deletion", please just reboot your pc and you'll be fine.

2.

I also need you to post a log that combofix produces but doesn't show you. Please navigate to C:\Qoobox and in that folder is a file named add-remove programs.txt Open that file and copy and paste the contents in your next reply.


In your next reply please post:

The combofix log
The add-remove programs list
 
Yes it's working a lot better, however i'm still getting the same error message (MSVCR80.dll) on startup, and for some reason i can't reinstall itunes...it's saying that apple mobile device isn't present/working
Thanks for all your help
 
You must log in or register to reply here.
Back
Top