A troubled PC indeed, frightening really

Inactive
By Anthony Mandich
Jan 15, 2013
Topic Status:
Not open for further replies.
  1. I would really appreciate your assistance in solving this problem once and for all. My computer is as slow as a dead person. It's mind-numbingly frustrating. Please enhance my existence by providing help. Thank you in advance.
  2. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Welcome aboard

    Please complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  3. Anthony Mandich

    Anthony Mandich Newcomer, in training Topic Starter

    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.01.15.08

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Anthony Mandich :: DD11KK81 [administrator]

    Protection: Enabled

    1/15/2013 12:57:58 PM
    MBAM-log-2013-01-15 (15-22-40).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 264986
    Time elapsed: 2 hour(s), 21 minute(s), 23 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 8
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
    HKCU\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> No action taken.
    HKCU\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> No action taken.
    HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> No action taken.
    HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> No action taken.

    Registry Values Detected: 2
    HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 4c0bed552cf714f903a3e48abf5d91b3 -> No action taken.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:5555 -> No action taken.

    Registry Data Items Detected: 1
    HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 9
    C:\Documents and Settings\Anthony Mandich.DD11KK81\My Documents\Downloads\California_Drivers_Licence_PSD_Fonts_Templates_Photoshop_6_by_Adapterz.exe (PUP.Adware.Agent) -> No action taken.
    C:\RECYCLER\S-1-5-21-860298848-515712437-2467674782-1006\Dc101.exe (Trojan.Dropper) -> No action taken.
    C:\Documents and Settings\Anthony Mandich.DD11KK81\wgsdgsdgdsgsd(2).exe (Trojan.FakeMS) -> No action taken.
    C:\Documents and Settings\Anthony Mandich.DD11KK81\Application Data\SYSTEM.exe (Trojan.Agent.Gen) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> No action taken.
    C:\Documents and Settings\Anthony Mandich.DD11KK81\Application Data\data.dat (Stolen.Data) -> No action taken.
    C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> No action taken.
    C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job (Trojan.Downloader) -> No action taken.
    C:\Documents and Settings\Anthony Mandich.DD11KK81\Start Menu\Programs\Startup\runctf.lnk (Trojan.Ransom.SUGen) -> No action taken.

    (end)
  4. Anthony Mandich

    Anthony Mandich Newcomer, in training Topic Starter

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
    Run by Anthony Mandich at 13:56:34 on 2013-01-15
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
    C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
    C:\Program Files\NETGEAR\WG111T\wlan111t.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\Anthony Mandich.DD11KK81\My Documents\Downloads\avast_free_antivirus_setup.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uProxyServer = hxxp=127.0.0.1:5555
    uProxyOverride = <local>;*.local
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    TB: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} -
    EB: facemoods.com: {929801A8-4AEF-4D12-BE31-D85BF666452B} -
    uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [BuildBU] c:\dell\bldbubg.exe
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [PrivitizeVPNInstaller] c:\documents and settings\anthony mandich.dd11kk81\local settings\application data\privitizevpninstaller\PrivitizeVPN_1.0.0.2_install_config.exe /S /delayInstall
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDriveAutoRun = dword:0
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:149
    mPolicies-Explorer: NoDriveAutoRun = dword:0
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    Trusted Zone: picclub.com
    Trusted Zone: pokerprosnetwork.com
    Trusted Zone: ppnpoker.com
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1358284568734
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
    TCP: NameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{8D65F208-DB9A-46CB-9B92-DCBC1C417BF0} : DHCPNameServer = 209.18.47.61 209.18.47.62
    Notify: igfxcui - igfxsrvc.dll
    AppInit_DLLs=
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\anthony mandich.dd11kk81\application data\mozilla\firefox\profiles\ir5v5htz.default\
    FF - prefs.js: browser.search.selectedEngine - Web Search
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://websearch.shopathome.com?user_id={ed30dd2c-e211-409e-af24-d3d6e05c39e6}&q=
    FF - prefs.js: network.proxy.type - 4
    FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
    FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
    FF - component: c:\program files\netratingsnetsight\netsight\meter2\ffaddon\components\nsgkff36_meter2.dll
    FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll
    FF - ExtSQL: 2012-12-07 05:57; torntv@torntv.com; c:\documents and settings\anthony mandich.dd11kk81\application data\mozilla\firefox\profiles\ir5v5htz.default\extensions\torntv@torntv.com.xpi
    FF - ExtSQL: 2013-01-06 19:36; toolbar@shopathome.com; c:\documents and settings\anthony mandich.dd11kk81\application data\mozilla\firefox\profiles\ir5v5htz.default\extensions\toolbar@shopathome.com
    FF - ExtSQL: 2013-01-12 03:22; {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}; c:\program files\mozilla firefox\extensions\{40D65E82-75AC-47CA-8A73-1CEDC2668EFF}
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R? androidusb;ADB Interface Driver
    R? ATHFMWDL;NETGEAR WG111T Bootloader driver
    R? BasicSeek Service;BasicSeek Service
    R? bcm;WiMAX Network Adapter
    R? bcmbusctr;WiMAX Bus Driver
    R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
    R? cm_net;C-motech USB Network Adapter Drivers
    R? cm_ser;C-motech USB Serial Port2 Driver
    R? FsUsbExDisk;FsUsbExDisk
    R? hitmanpro35;Hitman Pro 3.5 Support Driver
    R? Lbd;Lbd
    R? McComponentHostService;McAfee Security Scan Component Host Service
    R? NielGfx;Nielsen USB GFX
    R? nielprt;Nielsen Patch Service
    R? smhwdev;SmartPhone dummy USB PNP Device (Normal)
    R? smhwser;USB Device for Legacy Serial Communication (Normal)
    R? ssadbus;SAMSUNG Android USB Composite Device driver (WDM)
    R? ssadmdfl;SAMSUNG Android USB Modem (Filter)
    R? ssadmdm;SAMSUNG Android USB Modem Drivers
    R? ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM)
    R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
    S? DNINDIS5;DNINDIS5 NDIS Protocol Driver
    S? IntuitUpdateServiceV4;Intuit Update Service v4
    S? MBAMProtector;MBAMProtector
    S? MBAMScheduler;MBAMScheduler
    S? MBAMService;MBAMService
    S? MBAMSwissArmy;MBAMSwissArmy
    S? NTI BackupNowEZSvr;NTI BackupNowEZSvr
    .
    =============== Created Last 30 ================
    .
    2013-01-15 10:16:26 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2013-01-15 09:59:43 -------- d-----w- c:\documents and settings\anthony mandich.dd11kk81\application data\Malwarebytes
    2013-01-15 09:57:26 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2013-01-15 09:56:46 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-01-15 09:56:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2013-01-15 08:25:16 -------- d-----w- c:\documents and settings\anthony mandich.dd11kk81\application data\FreeFixer
    2013-01-15 08:25:15 -------- d-----w- c:\documents and settings\anthony mandich.dd11kk81\local settings\application data\FreeFixer
    2013-01-15 08:25:02 -------- d-----w- c:\program files\FreeFixer
    2013-01-14 09:57:59 -------- d-----w- c:\program files\common files\Steam
    2013-01-14 09:57:52 -------- d-----w- c:\program files\Steam
    2013-01-14 07:35:11 -------- d-----w- c:\documents and settings\all users\application data\McAfee Security Scan
    2013-01-14 07:34:35 -------- d-----w- c:\program files\McAfee Security Scan
    2013-01-13 10:32:29 -------- d-----w- c:\program files\Inkscape
    2013-01-12 11:30:51 -------- d-----w- c:\documents and settings\anthony mandich.dd11kk81\local settings\application data\Conduit
    2013-01-12 11:19:45 -------- d-----w- c:\program files\BasicSeek
    2013-01-12 11:19:45 -------- d-----w- c:\documents and settings\all users\application data\BasicSeek
    2012-12-23 05:37:50 -------- d-----w- c:\program files\Golden Euro Casino
    2012-12-22 02:54:25 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2012-12-22 02:54:25 -------- d-----w- c:\windows\system32\wbem\Repository
    2012-12-22 02:16:05 194936 ----a-w- c:\documents and settings\anthony mandich.dd11kk81\wgsdgsdgdsgsd(2).exe
    2012-12-18 19:08:32 209112 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
    2012-12-18 19:08:32 209112 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
    .
    ==================== Find3M ====================
    .
    2013-01-09 08:52:22 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-01-09 08:52:21 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-12-21 05:00:00 1768 ----a-w- c:\windows\fonts\PixelNumsT.otf
    2012-12-21 05:00:00 1768 ----a-w- c:\windows\fonts\fonts\PixelNumsT.otf
    2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-09 05:37:30 464024 ----a-r- c:\windows\system32\cpnprt2win32.cid
    2012-11-28 18:33:04 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2012-11-28 18:32:54 143872 ----a-w- c:\windows\system32\javacpl.cpl
    2012-11-28 18:32:52 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
    2012-11-28 18:32:51 746984 ----a-w- c:\windows\system32\deployJava1.dll
    2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
    2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
    2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2012-11-01 12:17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec
    2012-10-19 23:18:02 440704 ----a-w- c:\windows\CouponPrinter.ocx
    .
    ============= FINISH: 14:14:26.21 ===============
  5. Anthony Mandich

    Anthony Mandich Newcomer, in training Topic Starter

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 1/10/2010 3:34:06 PM
    System Uptime: 1/15/2013 12:51:09 PM (2 hours ago)
    .
    Motherboard: Dell Computer Corp. | | 0F5949
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop 7.0
    Adobe Reader XI (11.0.01)
    Angry Birds Seasons
    AOLIcon
    Apple Application Support
    Apple Software Update
    BasicSeek 1.0 build 111
    Big Dollar Casino
    Bonjour
    Compatibility Pack for the 2007 Office system
    Coupon Printer for Windows
    Crazy Luck Casino
    Dell Driver Reset Tool
    Dell Support 3.1
    Dell System Restore
    EPSON Printer Software
    File Type Assistant
    Final Media Player 2010
    FreeFixer
    Golden Euro Casino
    Google Chrome
    Google Earth Plug-in
    Google Gears
    Google Update Helper
    Graboid Video 3.58
    Graboid Video 3.58 Setup
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Inkscape 0.48.4
    InstallVC90Support
    Intel(R) 537EP V9x DF PCI Modem
    Intel(R) Extreme Graphics Driver
    Internet Explorer Default Page
    iTunes
    Java 2 Runtime Environment, SE v1.4.2_03
    Java 7 Update 9
    Java Auto Updater
    Java(TM) 6 Update 32
    Java(TM) SE Runtime Environment 6 Update 1
    Loco Panda Casino
    Malwarebytes Anti-Malware version 1.70.0.1100
    McAfee Security Scan Plus
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB2742597)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft IntelliPoint 7.0
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft Office XP Professional with FrontPage
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Modem Event Monitor
    Modem Helper
    Modem On Hold
    Mozilla Firefox 16.0.2 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6 Service Pack 2 (KB973686)
    NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
    NTI Backup Now EZ
    Picasa 3
    Poker Host
    QuickTime
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB2722913)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB2761465)
    Security Update for Windows Internet Explorer 8 (KB2799329)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165-v2)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980232)
    Segoe UI
    Sportsbook.com
    Steam
    Treasure Mile Casino
    TurboTax 2008
    TurboTax 2008 WinPerReleaseEngine
    TurboTax 2008 wrapper
    TurboTax 2009
    TurboTax 2009 wcaiper
    TurboTax 2009 WinPerFedFormset
    TurboTax 2009 WinPerReleaseEngine
    TurboTax 2009 WinPerTaxSupport
    TurboTax 2009 wrapper
    TurboTax 2010
    TurboTax 2010 wcaiper
    TurboTax 2010 WinPerFedFormset
    TurboTax 2010 WinPerReleaseEngine
    TurboTax 2010 WinPerTaxSupport
    TurboTax 2010 wrapper
    TurboTax 2011
    TurboTax 2011 wcaiper
    TurboTax 2011 WinPerFedFormset
    TurboTax 2011 WinPerReleaseEngine
    TurboTax 2011 WinPerTaxSupport
    TurboTax 2011 wrapper
    TypingMaster Pro
    UB
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB978207)
    Update for Windows XP (KB980182)
    VirtualCom driver
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 1.0.1
    VoiceOver Kit
    WebFldrs XP
    Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
    Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
    Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Wise Disk Cleaner 5.3
    Wise Registry Cleaner Free 5.32
    .
    ==== End Of File ===========================
  6. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Your MBAM log says "No action taken".
    Re-run MBAM, fix all issues and post new log.

    =============================

    I don't see any AV program running.

    Install ONE of these:

    - Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html

    - free Microsoft Security Essentials: http://windows.microsoft.com/en-GB/windows/products/security-essentials
    Note for Windows 8 users: Microsoft Security Essentials comes preinstalled and renamed as Windows Defender.
    You can keep it or you have to disable it before installing another AV program. How to...

    - free Comodo Antivirus: http://www.comodo.com/home/internet-security/antivirus.php

    Update, run full scan, report on any findings.

    =======================

    Uninstall McAfee Security Scan, typical foistware.

    ======================

    Uninstall Wise Registry Cleaner Free and FreeFixer.
    Registry cleaners/optimizers are not recommended for several reasons:

    • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

      The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
    • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
    • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
    • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
    • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
    Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.
