Inactive-A Infomercials constantly playing on my computer-virusware not picking anything up

Status
Not open for further replies.

drkdvinity

Posts: 20   +0
I have infomercials playing at will on my computer. Even when I close everything & I'm not working on the computer at all. It seems that they play by themselves when all I've done is turned the computer on.
I checked my firewall & it was off! I didn't do that. Spybot didn't pick anything up. Neither did Malwarebytes, Kapersky or bitdefender. As a matter of fact, the infomercial was running in the background while Malewarebytes was scanning! :( I tried getting info in the search engine. Someone suggested to try running Malwarebytes in Safemode With Networking. That didn't work either. This is a lot for a teckie challenged individual, lol! But, I was willing to try anything with instructions that I could understand & follow as what ever evil thing has taken control of my computer is making it run seriously slow, freeze it, & causing all kinds of messages to come up saying this & that is not responding. And Malwarebytes are popping up messages saying that they are blocking a malicious website all the time. I am beyond any thing that I can think of to do to try to fix this. I even tried System Restore & it wouldn't work no matter which date I tried back dating it to.
Can someone please help me? I'm at my wits end!
 
Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Thank you for your reply & assistance.
I think that I did every thing correctly but if not let me know.
Also, I am going to paste both the most recent mbam scan results as requested & the results of the first scan as while I was reading the history I saw that there was something called a PUP infection that has been quaranteened. Not sure if that's important or not but I thought I should add it to my reply.
Malwarebytes Anti-Malware
www.malwarebytes.org

Protection, 9/5/2014 12:30:22 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, Stopping,
Protection, 9/5/2014 12:30:26 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, Stopped,
Protection, 9/5/2014 12:30:26 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, Starting,
Protection, 9/5/2014 12:31:15 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, Started,
Detection, 9/5/2014 1:27:33 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, IP, 88.214.193.174, 0, Outbound,
Detection, 9/5/2014 1:27:35 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, IP, 88.214.193.174, 0, Outbound,
Detection, 9/5/2014 1:27:36 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, IP, 88.214.193.174, 0, Outbound,
Detection, 9/5/2014 1:27:42 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, IP, 88.214.193.174, 0, Outbound,
Detection, 9/5/2014 1:27:42 AM, SYSTEM, LAURA, Protection, Malicious Website Protection, IP, 88.214.193.174, 0, Outbound,
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9/2/2014
Scan Time: 9:35:28 PM
Logfile: MBAM9-2.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.02.11
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Karen
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 336759
Time Elapsed: 1 hr, 46 min, 29 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 2
PUP.Optional.FrostwireTB.A, HKU\S-1-5-21-4245672646-903908883-2055752331-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, Quarantined, [08db28c098e3bc7a913504b1788afa06],
PUP.Optional.FrostwireTB.A, HKU\S-1-5-21-4245672646-903908883-2055752331-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, Quarantined, [08db28c098e3bc7a913504b1788afa06],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
Trojan.Agent, C:\WINDOWS\hosts, Quarantined, [875cb533601b979f72c1a3e119ea4eb2],
Physical Sectors: 0
(No malicious items detected)

(end)
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Karen at 3:01:19 on 2014-09-05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.766.85 [GMT -5:00]
.
AV: AVG Internet Security 2014 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Internet Security 2014 *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Karen\Local Settings\Application Data\SupporterInfinity\VinylInfinity\browser.exe
C:\Documents and Settings\Karen\Local Settings\Application Data\SupporterInfinity\VinylInfinity\browser.exe
C:\Documents and Settings\Karen\Local Settings\Application Data\SupporterInfinity\VinylInfinity\browser.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://my.juno.com/s/search?r=minisearch
uSearch Page = hxxp://my.juno.com/s/search?r=minisearch
mSearch Page = hxxp://my.juno.com/s/search?r=minisearch
mDefault_Search_URL = hxxp://my.juno.com/s/search?r=minisearch
uInternet Connection Wizard,ShellNext = iexplore
uProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://my.juno.com/s/search?r=minisearch
mSearchAssistant = hxxp://my.juno.com/s/search?r=minisearch
BHO: AutorunsDisabled - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files\microsoft\bingbar\7.3.132.0\BingExt.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - c:\program files\microsoft\bingbar\7.3.132.0\BingExt.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AnyDVD] "c:\program files\slysoft\anydvd\AnyDVD.exe"
uRun: [NarratorSoftware] c:\windows\system32\rundll32.exe "c:\documents and settings\karen\local settings\application data\narratorsoftware\NarratorSoftware.dll",DllRegisterServer
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DriveUtilitiesHelper] c:\program files\western digital\wd utilities\WDDriveUtilitiesHelper.exe
mRun: [WD Drive Unlocker] c:\program files\western digital\wd security\WDDriveAutoUnlock.exe
mRun: [WD Quick View] c:\program files\western digital\wd quick view\WDDMStatus.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoru~1\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.1.0.0/GarminAxControl_32.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {23A2712A-7A4F-4D0C-822C-D7BA9974447B} - hxxps://registration.rr.com/RegHelper.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {C9E2242D-DC05-4C54-9483-A5C90653F7BC} - hxxps://techinline.net/Client/TIClient.cab?8688
DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_02-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - hxxp://download.abacast.com/download/files/abasetup150.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0EA8A4B0-1682-44C4-93FB-7ED2149757ED} : DHCPNameServer = 192.168.1.1
Notify: GoToAssist - c:\program files\citrix\gotoassist\896\G2AWinLogon.dll
Notify: igfxcui - igfxsrvc.dll
Notify: PFW - <no file>
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = :\windows\syste
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\karen\application data\mozilla\firefox\profiles\pf4zwblf.default\
FF - prefs.js: browser.startup.homepage - www.rr.com
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7Ba6fd3806-14d6-40d7-95f1-4dd033170a29%7D&mid=5e407cc0265447d68f35d1441086ba29-c1e3e0a522e5831530734fba6381b49f3e0b0324&ds=AVG&v=12.2.5.32&lang=en&pr=pr&d=2012-02-26%2017%3A19%3A02&sap=ku&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 50370
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff10.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff4.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff8.dll
FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff9.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\karen\local settings\application data\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_14_0_0_145.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
FF - ExtSQL: !HIDDEN! 2013-09-23 20:45; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn2
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections-per-server - 8
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2014-09-03 22:51:45 -------- d-----w- c:\documents and settings\karen\application data\QuickScan
2014-09-03 02:32:41 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-03 02:29:02 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-03 02:29:02 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-03 02:29:00 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-09-01 21:01:25 -------- d-----w- c:\documents and settings\karen\local settings\application data\ReceiverJoint
2014-09-01 20:59:11 -------- d-----w- c:\documents and settings\karen\local settings\application data\SupporterInfinity
2014-09-01 20:59:11 -------- d-----w- c:\documents and settings\karen\local settings\application data\NarratorSoftware
2014-08-20 18:29:41 -------- d-----w- c:\program files\common files\Western Digital
2014-08-19 11:02:37 -------- d-----w- c:\documents and settings\karen\application data\Dropbox
2014-08-19 02:52:52 -------- d-----w- c:\documents and settings\karen\local settings\application data\Western Digital
2014-08-19 02:52:09 -------- d-----w- c:\documents and settings\karen\local settings\application data\Western_Digital_Technolog
2014-08-19 02:49:30 -------- d-----w- c:\program files\Western Digital
2014-08-19 02:48:49 -------- d-----w- c:\documents and settings\all users\application data\Western Digital
2014-08-15 05:48:39 -------- d-----w- c:\documents and settings\karen\local settings\application data\Adobe
.
==================== Find3M ====================
.
2014-08-15 03:15:36 699568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-08-15 03:15:35 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2003-08-27 19:19:18 36963 ----a-r- c:\program files\common files\SM1updtr.dll
.
============= FINISH: 3:08:41.84 ===============
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader 7.0
Adobe Shockwave Player 11.6
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
Audible Download Manager
Banctec Service Agreement
Bing Bar
Bonjour
Broadcom Management Programs
CCleaner
CCScore
Citrix Online Launcher
CloneDVD2
Compatibility Pack for the 2007 Office system
Conexant SmartHSFi V.9x 56K Speakerphone PCI Modem
Cypress USB Mass Storage Driver Installation
Dell Networking Guide
Dell Solution Center
DellSupport
DS21Patch
DVDSentry
Easy CD Creator 5 Basic
Elevated Installer
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSTOOLS
essvatgt
fflink
Garmin Express
Garmin Express Tray
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
Help and Support Customization
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet 2510 series Basic Device Software
HP Deskjet 2510 series Help
HP Deskjet 2510 series Product Improvement Study
HP Deskjet 2510 series Setup Guide
HP Photo Creations
HP Smart Web Printing
HP Update
HPSSupply
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
iTunes
Java 2 Runtime Environment, SE v1.4.1_02
Java 2 Runtime Environment, SE v1.4.2
Java 7 Update 9
Java Auto Updater
Java Web Start
Java(TM) 6 Update 18
Kodak EasyShare software
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Data Access Components KB870669
Microsoft Office 2000 Disc 2
Microsoft Office XP Professional
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MobileMe Control Panel
Mozilla Firefox 31.0 (x86 en-US)
Mozilla Maintenance Service
MSVCSetup
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
netbrdg
OfotoXMI
OGA Notifier 2.0.0048.0
OverDrive Media Console
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealUpgrade 1.1
Registry Mechanic 6.0
Safari
Satellite Direct v1.6.1.1
Satellite Direct v2.8.1.1
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
Security Update for Windows Internet Explorer 8 (KB2925418)
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows Internet Explorer 8 (KB2964358)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2922229)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
SFR
Shared C Run-time for x86
SHASTA
Shockwave
Shop for HP Supplies
skin0001
SKINXSDK
SmartWebPrinting
Spybot - Search & Destroy
staticcr
Stomp Backup MyPC
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211)
Update 4.0.3 for Microsoft .NET Framework 4 Extended (KB2600211)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Veetle TV 0.9.18
Visual Studio 2012 x86 Redistributables
VPRINTOL
WD Drive Utilities
WD Quick View
WD Security
WD SmartWare
WD SmartWare Installer
WebFldrs XP
Windows Defender Signatures
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WIRELESS
.
==== End Of File ===========================
 
redtarget.gif
You're running two AV programs, AVG and MSE.
You must uninstall one of them.
If AVG use AVG Remover: http://www.avg.com/us-en/utilities

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

redtarget.gif
Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download http://www.imgdumper.nl/uploads6/51a5f31352f71/51a5f31352b88-icon_MBAR.png][/url][b][url=https://www.techspot.com/downloads/5603-malwarebytes-anti-rootkit.html][color=#0000FF]Malwarebytes Anti-Rootkit[/color][/url][/b] to your desktop.
[LIST]
[*][b][color=#FF0000]Warning![/color][/b] [I]Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.[/I]
[*]Double click on downloaded file. OK self extracting prompt.
[*]MBAR will start. Click "[b]Next[/b]" to continue.
[*]Click in the following screen "[b]Update[/b]" to obtain the latest malware definitions.
[*]Once the update is complete select "[b]Next[/b]" and click "[b]Scan[/b]".
[*]When the scan is finished and no malware has been found select "[b]Exit[/b]".
[*]If malware was detected, make sure to check all the items and click "[b]Cleanup[/b]". Reboot your computer.
[*]Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
[LIST]
[*][b]"mbar-log-[I]{date} (xx-xx-xx)[/I].txt"[/b]
[*][b]"system-log.txt"[/b]
[/LIST]
[/LIST]
 
Broni,
I purchased my computer used some years ago & though I am the current sole owner/user I've never had the administrator pw. I did ask the computer guy that sold it to me a couple of yrs ago about it. He said the lady that used to own it passed & that he'd recieved the computer from her family. He forgot about giving me the pw when he sold it to me & now doesn't know if he still has it anymore :/ Any suggestions?
Also, I haven't had AVG for well over a year. When I chose not to renew I went into the control panel, then add/remove programs & then uninstalled. Did I do something wrong?
I will proceed with your instructions for uninstall & wait for you to advise about proceeding with the anti-root kit.
 
AVG doesn't fully uninstall while using Windows Control Panel.
There will be leftovers so please run AVG Remover to get rid of them.

As for password thingy I suggest asking at Windows forum.
 
Broni,
I tried to use the AVG Remover last night but they ask for imfo first such as the license number. I removed AVG about a year & a half ago & have no idea what the license number used to be. So, I clicked on the help link & left an email. I haven't recieved a reply yet I may have to wait untill the week days arrive.
I tried running both links for Rogue Killer. After I downloaded the first one to desktop I closed every thing out, went to desktop, then double clicked on it. It completly disapeared, lol! So, I tried the second link & repeated the steps. At desktop I double clicked on it. A notice popped up saying, "Not a valid application". I will try the first link again & go to the Windows Forum to see if I can get help with the pw situation.
You mentioned that I had two antivirus programs running & that one was called MSE. What is MSE?
 
Broni,
Avg is removed.As soon as it finished the security screen popped up & said Microsoft Security Essencials has been turned off and virus protection is turned off. Once again, I didn't think that I had that anymore. I kept recieving notices saying that Microsoft is no longer offering updates for XP & that mse also would no longer be updated & therefore ineffective. So, I removed it & got Spybot. But, I guess it's still there or I think it is I'm not sure. Anyhoo-I tried downloading RogueKiller again. It sat frozen for hours with pop ups going on, lol. But, I think it went through. Here is the report:
RogueKiller V9.2.9.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : https://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Karen [Admin rights]
Mode : Remove -- Date : 09/07/2014 03:12:40
¤¤¤ Bad processes : 5 ¤¤¤
[Suspicious.Path] browser.exe -- C:\Documents and Settings\Karen\Local Settings\Application Data\SupporterInfinity\VinylInfinity\browser.exe[7] -> KILLED [TermThr]
[Suspicious.Path] browser.exe -- C:\Documents and Settings\Karen\Local Settings\Application Data\SupporterInfinity\VinylInfinity\browser.exe[7] -> KILLED [TermThr]
[Suspicious.Path] browser.exe -- C:\Documents and Settings\Karen\Local Settings\Application Data\SupporterInfinity\VinylInfinity\browser.exe[7] -> KILLED [TermThr]
[Suspicious.Path] rundll32.exe -- C:\Documents and Settings\Karen\Local Settings\Application Data\NarratorSoftware\NarratorSoftware.dll[-] -> UNLOADED
[Suspicious.Path] rundll32.exe -- C:\Documents and Settings\Karen\Local Settings\Application Data\NarratorSoftware\NarratorSoftware.dll[-] -> UNLOADED
¤¤¤ Registry Entries : 9 ¤¤¤
[Suspicious.Path] HKEY_USERS\S-1-5-21-4245672646-903908883-2055752331-1006\Software\Microsoft\Windows\CurrentVersion\Run | NarratorSoftware : C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Karen\Local Settings\Application Data\NarratorSoftware\NarratorSoftware.dll",DllRegisterServer [x] -> DELETED
[PUM.Policies] HKEY_USERS\S-1-5-21-4245672646-903908883-2055752331-1006\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NOT SELECTED
[PUM.Policies] HKEY_USERS\S-1-5-21-4245672646-903908883-2055752331-1006\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NOT SELECTED
[PUM.Desktop] HKEY_USERS\S-1-5-21-4245672646-903908883-2055752331-1006\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop | NoChangingWallpaper : 0 -> NOT SELECTED
[PUM.StartMenu] HKEY_USERS\S-1-5-21-4245672646-903908883-2055752331-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> NOT SELECTED
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.dell4me.com/myway -> NOT SELECTED
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.dell4me.com/myway -> NOT SELECTED
[PUM.SearchPage] HKEY_USERS\S-1-5-21-4245672646-903908883-2055752331-1006\Software\Microsoft\Internet Explorer\Main | Search Page : http://my.juno.com/s/search?r=minisearch -> NOT SELECTED
¤¤¤ Scheduled tasks : 1 ¤¤¤
[Suspicious.Path] Microsoft Antimalware Scheduled Scan.job -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> DELETED
¤¤¤ Files : 0 ¤¤¤
¤¤¤ HOSTS File : 0 ¤¤¤
¤¤¤ Antirootkit : 4 (Driver: LOADED) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Ide\IdeDeviceP1T1L0-17 : \Driver\AnyDVD @ Unknown (\SystemRoot\System32\Drivers\AnyDVD.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\Cdrom @ \Device\CdRom1 (\SystemRoot\System32\DRIVERS\serial.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Ide\IdeDeviceP1T0L0-f : \Driver\AnyDVD @ Unknown (\SystemRoot\System32\Drivers\AnyDVD.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\Cdrom @ \Device\CdRom0 (\SystemRoot\System32\DRIVERS\serial.sys)
¤¤¤ Web browsers : 3 ¤¤¤
[PUM.Proxy][FIREFX:Config] pf4zwblf.default : user_pref("network.proxy.http", "127.0.0.1"); -> NOT SELECTED
[PUM.Proxy][FIREFX:Config] pf4zwblf.default : user_pref("network.proxy.http_port", 50370); -> NOT SELECTED
[PUM.HomePage][FIREFX:Config] pf4zwblf.default : user_pref("browser.startup.homepage", "www.rr.com"); -> NOT SELECTED
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: IC35L090AVV207-0 +++++
--- User ---
[MBR] 6b61654af29af97c554fd93638735cc2
[BSP] f0531316a6163d16f4ba254ab3fe3bf4 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 31 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 64260 | Size: 76253 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_09072014_030702.log
While it was working a page kept comming up for KernelMode RootKits: Part 3, KernelFilters.
Also, Malwarebytes kept popping up: Malicious website blocked.
I'll go try to find help with the pw situation as soon as I wake up tomorrow. I've been at this all day & night due to the sluggishness & freezing.
 
I installed the Avast. It started running & some thing came up for 3 browser issues. It asked me to delete them so I did. Only one was able to delete. The 2 remaining problems were AVG Safe Search & AVG Secure Search. It asked me to close out all my browsers & try again. I wasn't running any browsers but I hit Try Again any way & this is what came up- "Failed to perform changes: The configuration of your Google Chrome browser could not be updated. Please close your browser & repeat the current operation."
As I alredy mentioned I had no browser open. However, I did notice that when those unwanted Infomercials were popping up & playing I hit Alt Ctrl Delete & the Windows Task Manager came up it listed the Task as Google Chrome. Just thought I'd mention that.
So, even though I removed AVG again it seems as though there are still parts remaining.
 
We're not done here so I don't know why you posted something at Windows forum.

All I need from you are MBAR logs and I asked for them twice already.
 
I am confused. I thought that was what you asked me to do when I told you that I didn't have the administrator pw.

"AVG doesn't fully uninstall while using Windows Control Panel.
There will be leftovers so please run AVG Remover to get rid of them.
As for password thingy I suggest asking at Windows forum."
The information that you gave me says, "Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrators right"
I then replied saying, "
I purchased my computer used some years ago & though I am the current sole owner/user I've never had the administrator pw. I did ask the computer guy that sold it to me a couple of yrs ago about it. He said the lady that used to own it passed & that he'd recieved the computer from her family. He forgot about giving me the pw when he sold it to me & now doesn't know if he still has it anymore :/ Any suggestions?"
I assumed that I'd need the administrators pw to run this. If I'm I assumed incorrectly just tell me.
 
In case I am still not making sence, I thought that I needed the admin pass word in order to move forward with your instructions with MBAR but that you needed me to get help with that from Windows Forum before I could continue to proceed.
I knew we were not done & I wasn't avoiding giving you the info or going elsewere for anything else. I thought I was following your instructions.
If we miscommunicated that is fine & I apologise if the misunderstanding was on my end.
Just tell me if I do or do not need to recieve help from Windows Forum with the admin pw for the next step, to run MBAR. I'm not getting an answer there & I'd be happy to run MBAR if I don't need the PW. Just let me know.
Thank you.
 
You can deal with password issue later.
We can remove AVG leftovers manually.
All I need for now are MBAR logs.
 
Okay, I'm assuming that what you are saying is that I do not need administrator rights to download the MBAR. Great. I will go download it now.
 
Broni,
I am barely awake so I'm calling it a night. You can let me know tomorrow if I did this correctly or if I missed or forgot something.

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
(c) Malwarebytes Corporation 2011-2012
OS version: 5.1.2600 Windows XP Service Pack 3 x86
Account is Administrative
Internet Explorer version: 8.0.6001.18702
Java version: 1.6.0_18
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.659000 GHz
Memory total: 803209216, free: 152035328
Downloaded database version: v2014.09.09.01
Downloaded database version: v2014.08.21.01
=======================================
Initializing...
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9DC96E9E
Partition information:
Partition 0 type is Other (0xde)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 64197
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 64260 Numsec = 156167865
Partition file system is NTFS
Partition is bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 80000000000 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-62-156230000-156250000)...
Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\VBR-0-1-64260-I.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org
Database version: v2014.09.09.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Karen :: LAURA [administrator]
9/9/2014 2:31:12 AM
mbar-log-2014-09-09 (02-31-12).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 340424
Time elapsed: 59 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
 
Broni,
I am at the Public Library useing their computer as I now cannot get in to mine. I know that you told me to worry about the pw issue later but when I turned on my computer this morning it was locked & asking for a pw, which I have mentioned many times, I do not have.
I've recieved a response from Windows Forum but it seems very complicated. I am going to see if I can get help with it.
Suggestions???
 
Broni,
I'm in!!! :D But, I had a lot of trouble & it looks like I received a ton of viruses along the way. I downloaded Avast on Sunday & it picked up on them a little while ago. After that it asked me to do a boot scan or something like that where my screen went blue with the scanning process. I watched some of it & it looks like I picked up the viruses during the pw change process as I recognised one of the file names, "Ophcrack". I had a lot of trouble useing that program & I was wondering if I'd done something incorrectly because it now looks like my name is combined with the previous owner rather than replacing the previous owner, not to mention I collected a bunch of viruses in the process. It seems like I'm back to the drawing board. But, at least I'm in, lol!
 
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9/14/2014
Scan Time: 6:57:24 PM
Logfile: MBAM9-14-14.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.14.10
Rootkit Database: v2014.09.13.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Karen
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 343923
Time Elapsed: 24 min, 22 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)

(end)
 
Status
Not open for further replies.
Back