ComboFix 13-09-14.01 - Peyrot's Desktop 09/15/2013 20:32:43.1.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3070.1127 [GMT -7:00]
Running from: C:\Users\Peyrot's Desktop\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Windows\TEMP\logishrd\LVPrcInj01.dll
D:\Autorun.inf

((((((((((((((((((((((((( Files Created from 2013-08-16 to 2013-09-16 )))))))))))))))))))))))))))))))

2013-09-16 03:41:52 . 2013-09-16 03:41:52 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-09-15 22:54:19 . 2013-09-15 22:54:19 -------- d-----w- C:\_OTL
2013-09-15 20:32:02 . 2013-09-15 20:32:06 -------- d-----w- C:\Program Files\Speccy
2013-09-15 18:16:40 . 2013-09-15 18:20:19 -------- d-----w- C:\Windows\system32\drivers\N360\1500010.003
2013-09-15 07:17:21 . 2013-09-15 07:17:21 -------- d-----w- C:\Windows\ERUNT
2013-09-15 07:03:08 . 2013-09-15 07:29:48 -------- d-----w- C:\AdwCleaner
2013-09-13 19:04:14 . 2013-09-13 19:04:15 -------- d-----w- C:\Windows\Microsoft Antimalware
2013-09-11 21:55:29 . 2013-07-16 04:35:16 615936 ----a-w- C:\Windows\system32\themeui.dll
2013-09-11 21:55:27 . 2013-08-08 01:45:09 2049536 ----a-w- C:\Windows\system32\win32k.sys
2013-09-11 08:27:14 . 2013-09-11 08:27:14 -------- d-----w- C:\Users\Peyrot's Desktop\AppData\Local\Blizzard Entertainment
2013-09-06 16:40:00 . 2013-09-06 16:40:05 -------- d-----w- C:\Users\Peyrot's Desktop\AppData\Roaming\PureEdge
2013-09-06 16:39:15 . 2013-09-06 16:40:05 -------- d-----w- C:\ProgramData\PureEdge
2013-09-06 16:39:14 . 2013-09-06 16:39:14 -------- d-----w- C:\Program Files\IBM
2013-08-27 20:56:53 . 2013-08-02 04:09:35 1548288 ----a-w- C:\Windows\system32\WMVDECOD.DLL
2013-08-26 08:23:34 . 2013-08-26 16:14:43 -------- d-----w- C:\Program Files\Diablo III
2013-08-22 10:45:50 . 2013-08-22 10:45:53 -------- d-----w- C:\Windows\system32\drivers\MCLIENT\0302020.00C
2013-08-22 04:28:35 . 2013-05-09 08:58:28 229648 ----a-w- C:\Windows\system32\aswBoot.exe
2013-08-22 04:27:27 . 2013-08-22 04:27:27 -------- d-----w- C:\Program Files\AVAST Software
2013-08-22 04:26:53 . 2013-09-15 07:45:26 -------- d-----w- C:\ProgramData\AVAST Software
2013-08-21 10:06:31 . 2013-09-13 17:58:54 -------- d-----w- C:\Windows\system32\MRT
2013-08-21 10:03:33 . 2013-07-17 19:41:34 2048 ----a-w- C:\Windows\system32\tzres.dll
2013-08-21 10:03:10 . 2013-06-15 13:22:11 15872 ----a-w- C:\Windows\system32\icaapi.dll
2013-08-21 10:03:10 . 2013-06-15 11:23:33 24064 ----a-w- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-21 10:03:09 . 2013-07-05 04:53:33 905664 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2013-08-21 10:03:00 . 2013-07-10 09:47:00 783360 ----a-w- C:\Windows\system32\rpcrt4.dll
2013-08-21 04:26:05 . 2013-07-08 04:20:04 172544 ----a-w- C:\Windows\system32\wintrust.dll
2013-08-21 04:26:05 . 2013-07-08 04:16:55 98304 ----a-w- C:\Windows\system32\cryptnet.dll
2013-08-21 04:26:05 . 2013-07-08 04:16:55 133120 ----a-w- C:\Windows\system32\cryptsvc.dll
2013-08-21 04:26:05 . 2013-07-08 04:16:54 992768 ----a-w- C:\Windows\system32\crypt32.dll

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-09-15 18:17:40 . 2013-07-23 03:35:04 142936 ----a-w- C:\Windows\system32\drivers\SYMEVENT.SYS
2013-09-13 11:01:08 . 2013-05-12 17:34:57 71048 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-13 11:01:08 . 2013-05-12 17:34:57 692616 ----a-w- C:\Windows\system32\FlashPlayerApp.exe
2013-06-21 01:12:33 . 2013-06-21 01:12:53 867240 ----a-w- C:\Windows\system32\npDeployJava1.dll
2013-06-21 01:12:33 . 2013-06-21 01:12:53 789416 ----a-w- C:\Windows\system32\deployJava1.dll
2013-06-21 01:12:33 . 2013-06-21 01:12:46 94632 ----a-w- C:\Windows\system32\WindowsAccessBridge.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 06:28:23 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 20:36:56 2793304]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 23:10:12 641704]
"KeePass 2 PreLoad"="C:\Program Files\KeePass Password Safe 2\KeePass.exe" [2013-04-05 19:49:26 1960448]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 19:18:46 49208]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 14:32:50 253816]
"acevents"="C:\Program Files\ActivIdentity\ActivClient\acevents.exe" [2013-03-20 10:48:59 154264]
"accrdsub"="C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [2013-03-20 10:48:59 407736]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 10:37:26 958576]

C:\Users\Peyrot's Desktop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2013-5-5 0]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe [2013-3-20 131224]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536]
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe View=show_in_tray View=show_in_tray [2009-11-13 9117504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

S2 ac.sharedstore;ActivIdentity Shared Store Service;C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2013-03-20 10:48:59 209168]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - WS2IFSL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 12:19:36 1177552 ----a-w- C:\Program Files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe

Contents of the 'Scheduled Tasks' folder

2013-09-16 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-12 17:34:57 . 2013-09-13 11:01:11]

2013-09-16 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-12 23:04:26 . 2013-05-12 23:04:25]

2013-09-15 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-12 23:04:26 . 2013-05-12 23:04:25]

------- Supplementary Scan -------

uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

- - - - ORPHANS REMOVED - - - -

HKU-Default-Run-SearchProtect - \SearchProtect\bin\cltmng.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-mlyrics@pnyj.net - C:\Program Files\M-Lyrics\uninstall.exe