Welcome to TechSpot, Megaboetie. I'll try to help with your problems- actually I have made 3 replies and they seem to be off in cyberspace somewhere instead of here! Hopefully this will go through
Can you please give some some history on win32/PEPatch.ao. How did you know you had it? What did you do to get rid of it?
You can help prevent the Tracking Cookies seen in the SAS log:
Reset Cookies
For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'>
CHECK 'accept first party Cookies'>
CHECK 'Block third party Cookies'>
CHECK 'allow per session Cookies'> Apply> OK.
For Firefox: Tools> Options> Privacy> Cookies>
CHECK ‘accept Cookies from Sites’>
UNCHECK 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others.
I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
AdBlock Plus
Easy List
For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
(First-party and third-party cookies can be set by the website you're visiting and websites that have items embedded in the website you're visiting. But when you next visit the website, only first-party cookie information is sent to the website. Third-party cookie information isn't sent back to the websites that originally set the third-party cookies.)
When we have finished the cleaning, I'll give you the name of a program that will do a good job on that.
MBM shows a considerable amount of malware found. Let's follow up on that:
Please download ComboFix
HERE:
- With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
- Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
- Run Combo-Fix.exe and follow the prompts.
(Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
• After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Notes:
1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Please update and do a full system scan with AVG. Save the log and attach it in next reply.
Rescan with HJT, then PASTE the log (Ctrl V) into the next reply.
So it's attach Combofix report and Norton scan. Paste the HJT log.
