Qtrax?

Inactive-A
By nomis
Aug 19, 2013
Topic Status:
Not open for further replies.
  1. Anyone know how I can get rid of something called Qtrax player? I keep getting it opening if I leave the pc on & alone for any length of time. Ive tried to uninstall & searched in hidden files etc but it comes back after a few days!
  2. Broni

    Broni Malware Annihilator Posts: 46,167   +251

    Welcome aboard [​IMG]

    Qtrax player is a legit program: http://en.wikipedia.org/wiki/Qtrax however it may contain some adware.

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  3. nomis

    nomis Newcomer, in training Topic Starter

    [HJT log removed by Broni]
  4. Broni

    Broni Malware Annihilator Posts: 46,167   +251

    Did you read my reply at all?
    I didn't ask for HJT log.
  5. nomis

    nomis Newcomer, in training Topic Starter

    Only kind of log I know how to do!
  6. Broni

    Broni Malware Annihilator Posts: 46,167   +251

    One more time....

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.
  7. nomis

    nomis Newcomer, in training Topic Starter

    Ok, here is the log file generated by that program:
    I cant see How long it is tho!

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.08.22.04

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    missmouse :: MISSMOUSE-PC [administrator]

    22/08/2013 13:22:43
    MBAM-log-2013-08-22 (13-49-23).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 300527
    Time elapsed: 26 minute(s), 20 second(s)

    Memory Processes Detected: 4
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 2344 -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 2472 -> No action taken.
    C:\Windows\System32\jmdp\stij.exe (PUP.Optional.Sweetim) -> 3948 -> No action taken.
    C:\Windows\System32\dmwu.exe (PUP.InstallBrain) -> 2416 -> No action taken.

    Memory Modules Detected: 1
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> No action taken.

    Registry Keys Detected: 12
    HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
    HKCR\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} (PUP.Optional.WebCake.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> No action taken.
    HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> No action taken.
    HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> No action taken.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
    HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> No action taken.
    HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BrowserDefender.A) -> No action taken.

    Registry Values Detected: 3
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://www1.delta-search.com/?babsr...1677580AC&affID=119357&tt=110813_YTB&tsp=4972 -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> No action taken.
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0L1N1H2O1S -> No action taken.

    Registry Data Items Detected: 5
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bad: (c:\progra~2\browse~2\261519~1.190\{c16c1~1\browse~1.dll) Good: () -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=Down...63-914e5a7b7593&searchtype=ds&q={searchTerms}) Good: (http://www.google.com) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=Down...63-914e5a7b7593&searchtype=ds&q={searchTerms}) Good: (http://www.google.com) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=Down...63-914e5a7b7593&searchtype=ds&q={searchTerms}) Good: (http://www.google.com) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bad: (http://feed.snap.do/?publisher=Down...63-914e5a7b7593&searchtype=ds&q={searchTerms}) Good: (http://www.google.com) -> No action taken.

    Folders Detected: 30
    C:\Users\missmouse\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.
    C:\Program Files\Iminent (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\webbooster@iminent.com (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\webbooster@iminent.com\chrome (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\webbooster@iminent.com\chrome\content (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\TSearch (Adware.TSearch) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1339.144 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\Iminent\Mediator (PUP.Optional.Iminent.A) -> No action taken.
    C:\ProgramData\Iminent\Mediator\Datas (PUP.Optional.Iminent.A) -> No action taken.
    C:\ProgramData\Iminent\Mediator\Datas\Cache (PUP.Optional.Iminent.A) -> No action taken.
    C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com (PUP.Optional.Iminent.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\Iminent\Mediator (PUP.Optional.Iminent.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\Iminent\Mediator\Datas (PUP.Optional.Iminent.A) -> No action taken.
    C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache (PUP.Optional.Tarma.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\OpenCandy\CC5E1667D0FB4B8E8CFDE1548837B47C (PUP.Optional.OpenCandy) -> No action taken.

    Files Detected: 87
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\Windows\System32\jmdp\stij.exe (PUP.Optional.Sweetim) -> No action taken.
    C:\ProgramData\ADDICT-THING\bhoclass.dll (PUP.DownloadnSave) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.3.2.windows.exe (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.3.6.windows.exe (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\AC59AC99-BAB0-7891-A48C-BE8413444714\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\AC59AC99-BAB0-7891-A48C-BE8413444714\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\AC59AC99-BAB0-7891-A48C-BE8413444714\Latest\ccp.exe (PUP.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\AC59AC99-BAB0-7891-A48C-BE8413444714\Latest\NTRedirect.dll (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\AC59AC99-BAB0-7891-A48C-BE8413444714\Latest\Setup.exe (PUP.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\FCD2ECCE-BAB0-7891-905C-64ADFE03758A\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\FCD2ECCE-BAB0-7891-905C-64ADFE03758A\Latest\ccp.exe (PUP.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\FCD2ECCE-BAB0-7891-905C-64ADFE03758A\Latest\MyDeltaTB.exe (PUP.Delta.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\FCD2ECCE-BAB0-7891-905C-64ADFE03758A\Latest\Setup.exe (PUP.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\is357113909\30759705_Setup.EXE (PUP.Optional.LyricXeeker.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\is357113909\DeltaTB.exe (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\missmouse\AppData\Local\Temp\is357113909\Setup-D502DD2B71B5.exe (PUP.Optional.Yontoo) -> No action taken.
    C:\Users\missmouse\Downloads\frostwire-4.21.3.windows.exe (PUP.Optional.AskToolbar) -> No action taken.
    C:\Users\missmouse\Downloads\winzip155.exe (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\Downloads\WiseConvert_B2.exe (PUP.Optional.Conduit.A) -> No action taken.
    C:\Users\missmouse\Downloads\Setup (2).exe (PUP.Optional.Ibryte) -> No action taken.
    C:\Users\missmouse\Downloads\Setup.exe (PUP.Bundle.Installer.OI) -> No action taken.
    C:\Users\missmouse\Downloads\frostwire-4.21.4.windows.exe (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\Downloads\Police.Interceptors.S04E09.WS.PDTV.XviD-C4TV.avi.exe (PUP.BundleInstaller.DW) -> No action taken.
    C:\Users\missmouse\Downloads\HD_video.zip (Trojan.FakeAlert.RGenX) -> No action taken.
    C:\Users\missmouse\Downloads\ImageEditorSetup.exe (PUP.Optional.Installcore) -> No action taken.
    C:\Windows\System32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\5EB136L7\SkywalkerSetup[1].exe (PUP.Optional.Sweetim) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
    C:\Program Files\Iminent\SearchTheWeb.xml (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\Iminent.crx (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\System.Data.SQLite.xml (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\System.Windows.Interactivity.xml (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\WPFLocalizeExtension.xml (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\webbooster@iminent.com\install.rdf (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\Iminent\webbooster@iminent.com\chrome\content\browser.xul (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar\IMinent_Toolbar.crc (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar\arrow_refresh.png (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar\basis.xml (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar\cog.png (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar\computer_delete.png (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar\icons.bmp (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar\info.txt (PUP.Optional.Iminent.A) -> No action taken.
    C:\Program Files\IMinent Toolbar\version.txt (PUP.Optional.Iminent.A) -> No action taken.
    C:\Windows\System32\dmwu.exe (PUP.InstallBrain) -> No action taken.
    C:\Program Files\TSearch\results (Adware.TSearch) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> No action taken.
    C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com\1033.11575f00-7bdc-4181-ba0a-b298aeab228c.dat (PUP.Optional.Iminent.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat (PUP.Optional.Iminent.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\Iminent\Mediator\Datas\user.dat (PUP.Optional.Iminent.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> No action taken.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\OpenCandy\CC5E1667D0FB4B8E8CFDE1548837B47C\3112.ico (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\OpenCandy\CC5E1667D0FB4B8E8CFDE1548837B47C\avg.exe (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\OpenCandy\CC5E1667D0FB4B8E8CFDE1548837B47C\AVG923_p1v3.exe (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\OpenCandy\CC5E1667D0FB4B8E8CFDE1548837B47C\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> No action taken.
    C:\Users\missmouse\AppData\Roaming\OpenCandy\CC5E1667D0FB4B8E8CFDE1548837B47C\OCBrowserHelper_1.0.3.85.dll (PUP.Optional.OpenCandy) -> No action taken.

    (end)
  8. Broni

    Broni Malware Annihilator Posts: 46,167   +251

    Your MBAM log says "No action taken".
    Re-run MBAM, fix all issues and post new log.

    I still need DDS logs.
  9. nomis

    nomis Newcomer, in training Topic Starter

  10. nomis

    nomis Newcomer, in training Topic Starter

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.25.2
    Run by missmouse at 8:25:47 on 2013-08-23
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1982.1009 [GMT 1:00]
    .
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\SLsvc.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\vVX3000.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Real\realplayer\Update\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
    C:\Program Files\Tango\Tango.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\PhraseExpress\phraseexpress.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\System32\bgsvcgen.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
    C:\Windows\system32\dmwu.exe
    C:\Windows\system32\schtasks.exe
    C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
    C:\ElsaWin\bin\LcSvrAdm.exe
    C:\ElsaWin\bin\LcSvrDba.exe
    C:\ElsaWin\bin\LcSvrHis.exe
    C:\ElsaWin\bin\LcSvrPas.exe
    C:\ElsaWin\bin\LcSvrSaz.exe
    C:\Windows\system32\lxbccoms.exe
    C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
    C:\ElsaWin\bin\VSGate.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Webroot\Washer\WasherSvc.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\ElsaWin\bin\LcSvrAuf.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\jmdp\stij.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    uSearch Bar = hxxp://feed.snap.do/?publisher=Download2&dpid=Download2&co=GB&userid=4eb42878-d5eb-4a38-ac63-914e5a7b7593&searchtype=ds&q={searchTerms}
    uSearch Page = hxxp://feed.snap.do/?publisher=Download2&dpid=Download2&co=GB&userid=4eb42878-d5eb-4a38-ac63-914e5a7b7593&searchtype=ds&q={searchTerms}
    mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
    mSearch Page = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/
    mDefault_Search_URL = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
    uProxyOverride = local;*.local
    uSearchAssistant = hxxp://feed.snap.do/?publisher=Download2&dpid=Download2&co=GB&userid=4eb42878-d5eb-4a38-ac63-914e5a7b7593&searchtype=ds&q={searchTerms}
    uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
    mSearchAssistant = hxxp://start.facemoods.com/?a=ppcb&s={searchTerms}&f=4
    uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    mURLSearchHooks: {a786e841-0541-427e-a26a-a5e078bfcd86} - <orphaned>
    BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    BHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hp\smart web printing\hpswp_framework.dll
    BHO: ProtectMe Class: {0C9F4179-A319-4c6a-A3E5-67FF3592A12E} - c:\program files\protectme\protectme.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: VideoFileDownload: {e78a5c92-6a2b-4369-ab14-0ed3b2b18584} - c:\program files\oapps\bho_project.dll
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} -
    TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    uRun: [Sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun
    uRun: [NokiaSuite.exe] c:\program files\nokia\nokia suite\NokiaSuite.exe -tray
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [Sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background
    uRun: [Tango] c:\program files\tango\Tango.exe -r
    uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
    uRun: [NTRedirect] c:\windows\system32\rundll32.exe "c:\users\missmouse\appdata\roaming\babsolution\shared\enhancedNT.dll",Run
    mRun: [WebViewWatchDog] c:\program files\webviewlspservice\GacelaWatchDogService.exe /Debug
    mRun: [VX3000] c:\windows\vVX3000.exe
    mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
    mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    dRun: [skype] "c:\program files\skype\phone\Skype.exe"
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\gprs.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\phrase~1.lnk - c:\program files\phraseexpress\phraseexpress.exe
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Download with &Media Finder - c:\program files\media finder\hook.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\users\missmouse\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
    IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
    IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {EBB176D2-AF75-4706-832F-4C8448F72757} - hxxp://www.shopandscan.com/TNSClickrc.CAB
    TCP: Interfaces\{64E72A28-FE57-42B2-9BC4-7A3906B932EA} : NameServer = 192.168.1.254
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - c:\elsawin\bin\wiprot.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    AppInit_DLLs= c:\progra~2\browse~2\261519~1.190\{c16c1~1\browse~1.dll
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath -
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 eusk2par;Aladdin SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2010-12-31 25680]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2012-3-13 116608]
    R2 BrowserDefendert;BrowserDefendert;c:\programdata\browserdefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2013-8-12 2847696]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-7-1 21504]
    R2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe [2013-6-2 1167152]
    R2 LcSvrAdm;ELSA Administration Service;c:\elsawin\bin\LcSvrAdm.exe [2010-1-28 147456]
    R2 LcSvrDba;ELSA DBA Server;c:\elsawin\bin\LcSvrDba.exe [2010-1-28 241664]
    R2 LcSvrHis;ELSA Historie Server;c:\elsawin\bin\LcSvrHis.exe [2010-1-28 217088]
    R2 LcSvrPAS;ELSA PASS Server;c:\elsawin\bin\LcSvrPas.exe [2010-1-28 368640]
    R2 LcSvrSaz;ELSA APOSpro Server;c:\elsawin\bin\LcSvrSaz.exe [2010-1-28 258048]
    R2 lxbc_device;lxbc_device;c:\windows\system32\lxbccoms.exe -service --> c:\windows\system32\lxbccoms.exe -service [?]
    R2 Start BT in service;Start BT in service;c:\program files\ivt corporation\bluesoleil\StartSkysolSvc.exe [2007-12-27 51816]
    R2 VSGate;ELSA Vaudis Service;c:\elsawin\bin\VSGate.exe [2010-1-28 81920]
    R2 wwEngineSvc;Window Washer Engine;c:\program files\webroot\washer\WasherSvc.exe [2007-11-20 618896]
    R3 LcSvrAuf;ELSA Auftragsverwaltungs Service;c:\elsawin\bin\LcSvrAuf.exe [2010-1-28 1306624]
    R3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\drivers\optousb.sys [2010-5-26 18432]
    R3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\drivers\optovcm.sys [2010-5-26 26368]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate1c9c437443ceb59;Google Update Service (gupdate1c9c437443ceb59);c:\program files\google\update\GoogleUpdate.exe [2009-4-23 133104]
    S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [2006-7-31 580992]
    S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [2009-9-23 29292]
    S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-11-1 137600]
    S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-11-1 8576]
    S3 PAC207;SoC PC-Camera;c:\windows\system32\drivers\PFC027.SYS [2006-12-5 507136]
    S3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2012-7-28 38976]
    S3 PSSDKLBF;PSSDKLBF;c:\windows\system32\drivers\pssdklbf.sys [2012-7-28 53312]
    S3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB.SYS [2010-6-16 59464]
    S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]
    S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2010-11-7 155824]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S3 wrssweep;Webroots Volume Access Driver;c:\program files\webroot\washer\wrSSweep.sys [2012-3-13 21904]
    .
    =============== Created Last 30 ================
    .
    2013-08-22 21:05:12--------d-----w-c:\windows\system32\searchplugins
    2013-08-22 21:05:12--------d-----w-c:\windows\system32\Extensions
    2013-08-12 20:38:1757344----a-r-c:\users\missmouse\appdata\roaming\microsoft\installer\{87441a59-5e64-4096-a170-14efe67200c3}\ARPPRODUCTICON.exe
    2013-08-12 20:37:11--------d-----w-c:\programdata\Command Line Utility
    2013-08-12 20:35:44--------d-----w-c:\programdata\Console
    2013-08-12 20:35:44--------d-----w-c:\programdata\Clips
    2013-08-12 20:34:42--------d-----w-c:\programdata\Hybrid Chords
    2013-08-12 17:23:11--------d-----w-c:\users\missmouse\appdata\roaming\0D0S1L2Z1P1B0T1P1B2Z
    2013-08-12 17:21:45--------d-----w-c:\program files\Image Converter
    2013-08-12 17:18:58--------d-----w-c:\users\missmouse\appdata\local\Frameworkx.com
    2013-08-12 17:17:09--------d-----w-c:\program files\Frameworkx
    2013-08-05 13:09:07--------d-----w-c:\program files\MSECache
    2013-07-30 10:40:53--------d-----w-c:\program files\Enigma Software Group
    2013-07-29 16:22:32--------d-----w-c:\users\missmouse\appdata\roaming\Zip Opener Packages
    2013-07-29 16:22:11--------d-----w-c:\programdata\BrowserDefender
    2013-07-29 16:21:40--------d-----w-c:\users\missmouse\appdata\roaming\DigitalSite
    .
    ==================== Find3M ====================
    .
    2013-08-12 20:35:15106496----a-w-c:\windows\system32\ATL71.DLL
    2013-07-13 07:32:2794632----a-w-c:\windows\system32\WindowsAccessBridge.dll
    2013-07-13 07:32:25867240----a-w-c:\windows\system32\npDeployJava1.dll
    2013-07-13 07:32:25789416----a-w-c:\windows\system32\deployJava1.dll
    .
    ============= FINISH: 8:26:54.20 ===============
  11. nomis

    nomis Newcomer, in training Topic Starter

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 17/11/2007 15:34:42
    System Uptime: 23/08/2013 08:08:26 (0 hours ago)
    .
    Motherboard: NF-M2SV | | www.abit.com.tw
    Processor: AMD Sempron(tm) Processor 3600+ | Socket M2 | 2000/201mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 149 GiB total, 21.082 GiB free.
    D: is CDROM (CDFS)
    E: is FIXED (NTFS) - 37 GiB total, 6.828 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Acer/BenQ 1240
    Device ID: ROOT\IMAGE\0001
    Manufacturer: Hamrick Software
    Name: filmscanner
    PNP Device ID: ROOT\IMAGE\0001
    Service: usbscan
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Acer/BenQ 1240
    Device ID: ROOT\IMAGE\0002
    Manufacturer: Hamrick Software
    Name: Acer/BenQ 1240
    PNP Device ID: ROOT\IMAGE\0002
    Service: usbscan
    .
    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Acer/BenQ 1240
    Device ID: ROOT\IMAGE\0003
    Manufacturer: Hamrick Software
    Name: Acer/BenQ 1240 #2
    PNP Device ID: ROOT\IMAGE\0003
    Service: usbscan
    .
    ==== System Restore Points ===================
    .
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    32 Bit HP CIO Components Installer
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Help Center 2.1
    Adobe Photoshop Elements 5.0
    Adobe Photoshop Lightroom 3
    Adobe Reader X (10.1.7)
    AIO_Scan
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft Panorama Maker 5
    ArcSoft PhotoImpression 6
    AxCrypt (Remove Only)
    Bluesoleil2.7.0.13 VoIP Release 071227
    Bonjour
    BrowserDefender
    BT Broadband Desktop Help
    BT Wireless Connection Manager
    BufferChm
    Cell Phone Unlock Toolbar
    Copy
    CustomerResearchQFolder
    DesktopCalc 2.1.8
    Destination Component
    DeviceDiscovery
    DeviceManagementQFolder
    DJ_AIO_ProductContext
    DJ_AIO_Software
    DJ_AIO_Software_min
    ElsaWin
    eSupportQFolder
    F2100
    F2100_doccd
    F2100_Help
    FaceOnBody
    FTDI FTD2XX USB Drivers
    FTDI USB Serial Converter Drivers
    Google Chrome
    Google Earth
    Google Earth Plug-in
    Google Toolbar for Internet Explorer
    Google Update Helper
    HandBrake 0.9.8
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Customer Participation Program 9.0
    HP Deskjet All-In-One Software 9.0
    HP Imaging Device Functions 9.0
    HP Photosmart Essential 2.01
    HP Photosmart Essential2.01
    HP Product Assistant
    HP Smart Web Printing
    HP Solution Center 9.0
    HP Update
    HPProductAssistant
    HPSSupply
    IB Updater Service
    Image Converter
    Image Editor Packages
    iTunes
    Java 7 Update 25
    Java Auto Updater
    Java(TM) 6 Update 31
    jZip
    LG USB Modem Driver
    LightScribe 1.4.136.1
    Malwarebytes Anti-Malware version 1.75.0.1300
    MarketResearch
    Media Go
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Calculator Plus
    Microsoft Corporation
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server Compact 3.5 SP1 English
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft_VC100_CRT_SP1_x86
    Mozilla Firefox 22.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVC80_x86_v2
    MSVC90_x86
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    NEF Codec
    neroxml
    Nikon Message Center 2
    Nikon Movie Editor
    Nokia Connectivity Cable Driver
    Nokia Map Loader
    Nokia PC Suite
    Nokia Software Updater
    Nokia Suite
    NokiaFREE Unlock Codes Calculator
    NVIDIA Control Panel 306.97
    NVIDIA Drivers
    NVIDIA Graphics Driver 306.97
    NVIDIA Install Application
    NVIDIA Update 1.10.8
    NVIDIA Update Components
    OGA Notifier 2.0.0048.0
    OLYMPUS Digital Camera Updater
    OpenMG Limited Patch 4.7-07-14-05-01
    OpenMG Secure Module 4.7.00
    OVT Scanner X86
    PC Connectivity Solution
    PHOTOfunSTUDIO 4.0 HD Edition
    PhraseExpress
    PhraseExpress v9.1.14
    Picture Control Utility
    ProtectMe
    PSSWCORE
    Qtrax Player
    QuickTime
    Reader Drivers and Utilities
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Recuva
    Safari
    Scan
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    SILKYPIX Developer Studio 3.0 SE
    SIW version 2011.10.29
    SolutionCenter
    Sony Ericsson Update Engine
    Sony PC Companion 2.10.165
    Status
    SUPERAntiSpyware Free Edition
    Syncios version 2.0.3
    Tango
    Toolbox
    TrayApp
    Uninstall 1.0.0.1
    Uninstall OVT Scanner
    UnloadSupport
    Update for 2007 Microsoft Office System (KB967642)
    Update for Image Editor
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
    Update for Zip Opener
    VCDS Release 10.6.5
    VCDS Release 908.2
    VideoFileDownload
    VideoToolkit01
    ViewNX 2
    Vista Codec Package
    Vista Shortcut Manager
    Visual C++ CRT 9.0
    Visual C++ CRT 9.0 SP1
    VLC media player 2.0.3
    WebReg
    Window Washer
    Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.4)
    Windows Driver Package - Nokia Modem (10/05/2009 4.2)
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
    Windows Driver Package - OPTO ELECTRONICS CO.,LTD (optousb) Ports (06/02/2008 2.0.5.5)
    Windows Driver Package - Ross-Tech USB Driver Package (05/21/2009 2.04.18)
    Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
    Windows jZip Toolbar
    Windows Live installer
    Windows Live Mail
    Windows Live Sign-in Assistant
    Windows Media Player Firefox Plugin
    YaCy
    Yahoo! Software Update
    Yahoo! Toolbar
    Your Freedom
    Zero Assumption Recovery Version 9
    Zip Opener Packages
    .
    ==== End Of File ===========================
     
  12. Broni

    Broni Malware Annihilator Posts: 46,167   +251

    We're having some communication problems.

    First of all first step in out preliminaries calls for installing some AV program if you don't have any.
    I don't see any AV program running.

    Secondly in my previous reply I said:
    I don't see new MBAM log.

    [​IMG]
  13. Broni

    Broni Malware Annihilator Posts: 46,167   +251

    Still with me?
  14. Broni

    Broni Malware Annihilator Posts: 46,167   +251

    This topic is marked as abandoned and closed due to inactivity.
    This member will NOT be eligible to receive any more help in malware removal forum.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.