 
Please help. PC is beeping and seeing diamond checkers when scrolling. Can't run a full Malwarebytes scan :(
 
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.45.2
Run by Compaq_Administrator at 17:30:26 on 2013-11-02
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1982.1024 [GMT 10:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\Local Settings\Application Data\VNT\vntldr.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
BHO: {5A55615B-11CE-7D05-DB0B-BAA108213D50} - <orphaned>
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PCDrProfiler] <no file>
StartupFolder: c:\docume~1\compaq~1.000\startm~1\programs\startup\logitech . product registration.lnk - c:\program files\common files\logishrd\ereg\setpoint\eReg.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoFileAssociate = dword:0
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\ssv.dll
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 61.9.211.1 61.9.194.49
TCP: Interfaces\{166D96EE-1C60-48E3-8D1D-B9A9E0614213} : DHCPNameServer = 61.9.211.1 61.9.194.49
TCP: Interfaces\{D1ED57DB-54BC-4A28-882E-3073C1B6101A} : DHCPNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\30.0.1599.101\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 211560]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-23 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-24 119056]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2013-6-24 12808]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [2012-9-27 66944]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2013-1-3 44296]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2013-1-3 12808]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-11-2 40776]
S0 hswlygbl;hswlygbl;c:\windows\system32\drivers\ehsof.sys --> c:\windows\system32\drivers\ehsof.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-10-31 418376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-10-31 701512]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2012-10-3 16640]
S3 DtvAudio;DtvAudio;c:\windows\system32\drivers\DtvAudio.sys [2012-2-12 10330]
S3 DtvVideo;DtvVideo;c:\windows\system32\drivers\DtvVideo.sys [2012-2-12 25600]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-10-31 22856]
S3 pgusbmme;usb-audio.de MME-Adapter;c:\windows\system32\drivers\pgusbmm3.sys --> c:\windows\system32\drivers\pgusbmm3.sys [?]
S3 pgusbwdm;usb-audio.de driver  (commercial 2.8.45);c:\windows\system32\drivers\pgusbwdm.sys --> c:\windows\system32\drivers\pgusbwdm.sys [?]
S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\cm108.sys --> c:\windows\system32\drivers\CM108.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-11-02 07:24:00 7796464 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{87262e1a-a55b-432c-b880-06a5fc942870}\mpengine.dll
2013-11-02 07:04:09 -------- d-----w- C:\FRST
2013-11-02 04:42:43 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-11-02 03:41:28 -------- d-----w- c:\windows\ERUNT
2013-11-01 13:22:23 7796464 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-10-31 12:59:54 26624 ----a-w- c:\windows\system32\TrueSight.sys
2013-10-31 05:27:36 -------- d-----w- C:\AdwCleaner
2013-10-31 04:22:10 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-31 04:22:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-30 01:14:01 -------- d-----w- c:\documents and settings\compaq_administrator.your-c6b5e4eabc.000\local settings\application data\VNT
2013-10-30 01:12:27 -------- d-----w- c:\program files\VNT
2013-10-28 13:01:35 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2013-10-28 13:01:30 -------- d-----w- c:\program files\Ashampoo
2013-10-18 00:42:42 -------- d-----w- c:\documents and settings\compaq_administrator.your-c6b5e4eabc.000\application data\PhotoScape
2013-10-18 00:38:33 -------- d-----w- c:\documents and settings\compaq_administrator.your-c6b5e4eabc.000\local settings\application data\cache
2013-10-18 00:38:29 -------- d-----w- c:\documents and settings\compaq_administrator.your-c6b5e4eabc.000\local settings\application data\Mobogenie
2013-10-18 00:37:53 -------- d-----w- c:\documents and settings\compaq_administrator.your-c6b5e4eabc.000\application data\0F0W0T1V0D0L0M
2013-10-18 00:36:43 -------- d-----w- c:\program files\Mobogenie
2013-10-17 03:24:08 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M  ====================
.
2013-10-09 18:33:00 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 18:33:00 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-07 21:51:05 873384 -c--a-w- c:\windows\system32\npdeployJava1.dll
2013-10-07 21:51:00 796072 -c--a-w- c:\windows\system32\deployJava1.dll
2013-10-07 21:29:36 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-09-23 18:33:58 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:33:57 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:33:57 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:33:56 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:06:48 385024 ------w- c:\windows\system32\html.iec
2013-08-29 01:31:44 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56:45 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55:08 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55:07 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55:06 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30:32 1289728 ----a-w- c:\windows\system32\ole32.dll
2009-05-10 18:17:14 2562048 -c--a-w- c:\program files\tsMuxerGUI.exe
2008-05-21 02:18:24 131072 -c--a-w- c:\program files\TsRemux.exe
.
============= FINISH: 17:31:52.73 ===============
 
 
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 9/02/2012 11:37:03 PM
System Uptime: 2/11/2013 1:27:10 PM (4 hours ago)
.
Motherboard: ASUSTek Computer INC. |  | NODUSM3
Processor: AMD Athlon 64 Processor 3500+ | Socket AM2  | 2204/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 141 GiB total, 37.722 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.767 GiB free.
E: is CDROM ()
F: is CDROM ()
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Video Controller
Device ID: PCI\VEN_109E&DEV_036E&SUBSYS_00000000&REV_11\4&DC268A3&0&4080
Manufacturer: 
Name: Multimedia Video Controller
PNP Device ID: PCI\VEN_109E&DEV_036E&SUBSYS_00000000&REV_11\4&DC268A3&0&4080
Service: 
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Controller
Device ID: PCI\VEN_109E&DEV_0878&SUBSYS_00000000&REV_11\4&DC268A3&0&4180
Manufacturer: 
Name: Multimedia Controller
PNP Device ID: PCI\VEN_109E&DEV_0878&SUBSYS_00000000&REV_11\4&DC268A3&0&4180
Service: 
.
==== System Restore Points ===================
.
RP1074: 4/08/2013 7:34:01 PM - Software Distribution Service 3.0
RP1075: 6/08/2013 9:27:56 AM - Software Distribution Service 3.0
RP1076: 7/08/2013 9:16:32 AM - Software Distribution Service 3.0
RP1077: 7/08/2013 10:16:52 AM - Software Distribution Service 3.0
RP1078: 8/08/2013 9:25:30 AM - Software Distribution Service 3.0
RP1079: 9/08/2013 9:15:11 AM - Software Distribution Service 3.0
RP1080: 10/08/2013 12:50:30 AM - Software Distribution Service 3.0
RP1081: 10/08/2013 9:15:33 AM - Software Distribution Service 3.0
RP1082: 11/08/2013 2:14:20 AM - Software Distribution Service 3.0
RP1083: 11/08/2013 9:15:23 AM - Software Distribution Service 3.0
RP1084: 11/08/2013 2:52:06 PM - Software Distribution Service 3.0
RP1085: 12/08/2013 9:14:16 AM - Software Distribution Service 3.0
RP1086: 13/08/2013 9:14:25 AM - Software Distribution Service 3.0
RP1087: 14/08/2013 9:15:21 AM - Software Distribution Service 3.0
RP1088: 15/08/2013 1:12:04 AM - Software Distribution Service 3.0
RP1089: 15/08/2013 3:40:34 PM - Software Distribution Service 3.0
RP1090: 16/08/2013 2:33:10 PM - Software Distribution Service 3.0
RP1091: 17/08/2013 5:58:32 PM - System Checkpoint
RP1092: 17/08/2013 7:58:52 PM - Software Distribution Service 3.0
RP1093: 18/08/2013 1:59:44 AM - Software Distribution Service 3.0
RP1094: 19/08/2013 2:40:21 AM - System Checkpoint
RP1095: 20/08/2013 3:39:17 AM - System Checkpoint
RP1096: 21/08/2013 3:52:19 AM - System Checkpoint
RP1097: 22/08/2013 4:39:17 AM - System Checkpoint
RP1098: 22/08/2013 11:47:01 AM - Software Distribution Service 3.0
RP1099: 23/08/2013 12:15:59 PM - Software Distribution Service 3.0
RP1100: 24/08/2013 11:50:54 AM - Software Distribution Service 3.0
RP1101: 25/08/2013 1:33:46 AM - Software Distribution Service 3.0
RP1102: 26/08/2013 2:43:02 AM - System Checkpoint
RP1103: 26/08/2013 11:50:32 AM - Software Distribution Service 3.0
RP1104: 26/08/2013 10:22:06 PM - Software Distribution Service 3.0
RP1105: 27/08/2013 12:36:19 AM - Software Distribution Service 3.0
RP1106: 27/08/2013 10:44:05 PM - Software Distribution Service 3.0
RP1107: 28/08/2013 11:56:50 AM - Software Distribution Service 3.0
RP1108: 29/08/2013 12:24:46 PM - System Checkpoint
RP1109: 29/08/2013 12:55:13 PM - Software Distribution Service 3.0
RP1110: 29/08/2013 9:03:13 PM - Software Distribution Service 3.0
RP1111: 30/08/2013 12:05:30 PM - Software Distribution Service 3.0
RP1112: 30/08/2013 12:49:30 PM - Software Distribution Service 3.0
RP1113: 31/08/2013 5:53:46 PM - System Checkpoint
RP1114: 1/09/2013 2:07:41 AM - Software Distribution Service 3.0
RP1115: 2/09/2013 4:28:10 AM - System Checkpoint
RP1116: 2/09/2013 10:01:52 PM - Software Distribution Service 3.0
RP1117: 3/09/2013 5:34:07 PM - Software Distribution Service 3.0
RP1118: 3/09/2013 10:01:04 PM - Software Distribution Service 3.0
RP1119: 4/09/2013 10:00:10 PM - Software Distribution Service 3.0
RP1120: 5/09/2013 10:13:58 PM - System Checkpoint
RP1121: 6/09/2013 5:15:28 PM - Software Distribution Service 3.0
RP1122: 6/09/2013 8:50:20 PM - Software Distribution Service 3.0
RP1123: 7/09/2013 9:40:21 PM - System Checkpoint
RP1124: 7/09/2013 11:46:22 PM - Software Distribution Service 3.0
RP1125: 8/09/2013 2:13:41 AM - Software Distribution Service 3.0
RP1126: 9/09/2013 2:49:58 AM - System Checkpoint
RP1127: 9/09/2013 3:45:48 PM - Software Distribution Service 3.0
RP1128: 10/09/2013 4:17:24 PM - System Checkpoint
RP1129: 10/09/2013 5:02:16 PM - Software Distribution Service 3.0
RP1130: 10/09/2013 11:49:18 PM - Software Distribution Service 3.0
RP1131: 12/09/2013 1:05:40 AM - Software Distribution Service 3.0
RP1132: 12/09/2013 11:51:59 AM - Software Distribution Service 3.0
RP1133: 13/09/2013 11:33:39 AM - Software Distribution Service 3.0
RP1134: 13/09/2013 10:16:20 PM - Software Distribution Service 3.0
RP1135: 14/09/2013 11:31:43 AM - Software Distribution Service 3.0
RP1136: 15/09/2013 1:42:33 AM - Software Distribution Service 3.0
RP1137: 15/09/2013 11:29:40 AM - Software Distribution Service 3.0
RP1138: 16/09/2013 10:40:39 AM - Software Distribution Service 3.0
RP1139: 16/09/2013 10:57:49 AM - Software Distribution Service 3.0
RP1140: 17/09/2013 10:59:25 AM - Software Distribution Service 3.0
RP1141: 18/09/2013 10:56:46 AM - Software Distribution Service 3.0
RP1142: 19/09/2013 10:56:54 AM - Software Distribution Service 3.0
RP1143: 20/09/2013 10:56:07 AM - Software Distribution Service 3.0
RP1144: 21/09/2013 10:56:05 AM - Software Distribution Service 3.0
RP1145: 21/09/2013 10:27:15 PM - Software Distribution Service 3.0
RP1146: 22/09/2013 2:12:36 AM - Software Distribution Service 3.0
RP1147: 22/09/2013 11:31:23 AM - Software Distribution Service 3.0
RP1148: 23/09/2013 12:01:34 PM - System Checkpoint
RP1149: 23/09/2013 1:08:40 PM - Software Distribution Service 3.0
RP1150: 24/09/2013 1:57:50 PM - System Checkpoint
RP1151: 24/09/2013 4:16:46 PM - Software Distribution Service 3.0
RP1152: 24/09/2013 7:33:47 PM - Software Distribution Service 3.0
RP1153: 25/09/2013 7:54:39 PM - System Checkpoint
RP1154: 25/09/2013 9:02:26 PM - Software Distribution Service 3.0
RP1155: 26/09/2013 9:56:40 PM - System Checkpoint
RP1156: 27/09/2013 8:02:42 AM - Software Distribution Service 3.0
RP1157: 28/09/2013 8:01:20 AM - Software Distribution Service 3.0
RP1158: 29/09/2013 12:15:24 AM - Software Distribution Service 3.0
RP1159: 29/09/2013 2:07:05 AM - Software Distribution Service 3.0
RP1160: 29/09/2013 7:58:08 AM - Software Distribution Service 3.0
RP1161: 30/09/2013 7:56:14 AM - Software Distribution Service 3.0
RP1162: 1/10/2013 7:55:55 AM - Software Distribution Service 3.0
RP1163: 1/10/2013 8:39:35 PM - Software Distribution Service 3.0
RP1164: 2/10/2013 4:38:27 PM - Software Distribution Service 3.0
RP1165: 3/10/2013 9:51:31 PM - Software Distribution Service 3.0
RP1166: 4/10/2013 1:06:28 AM - Software Distribution Service 3.0
RP1167: 4/10/2013 9:46:20 PM - Software Distribution Service 3.0
RP1168: 5/10/2013 9:45:51 PM - Software Distribution Service 3.0
RP1169: 6/10/2013 2:06:32 AM - Software Distribution Service 3.0
RP1170: 6/10/2013 12:12:38 PM - Software Distribution Service 3.0
RP1171: 7/10/2013 12:04:35 PM - Software Distribution Service 3.0
RP1172: 7/10/2013 10:31:27 PM - Software Distribution Service 3.0
RP1173: 8/10/2013 12:05:22 PM - Software Distribution Service 3.0
RP1174: 9/10/2013 12:14:13 PM - Software Distribution Service 3.0
RP1175: 9/10/2013 9:56:57 PM - Software Distribution Service 3.0
RP1176: 10/10/2013 9:15:38 PM - Software Distribution Service 3.0
RP1177: 11/10/2013 3:00:42 AM - Software Distribution Service 3.0
RP1178: 11/10/2013 9:57:30 PM - Software Distribution Service 3.0
RP1179: 12/10/2013 9:56:40 PM - Software Distribution Service 3.0
RP1180: 13/10/2013 1:45:25 AM - Software Distribution Service 3.0
RP1181: 14/10/2013 2:44:38 AM - System Checkpoint
RP1182: 14/10/2013 10:47:03 AM - Software Distribution Service 3.0
RP1183: 15/10/2013 3:00:42 AM - Software Distribution Service 3.0
RP1184: 15/10/2013 11:37:30 AM - Software Distribution Service 3.0
RP1185: 16/10/2013 11:37:20 AM - Software Distribution Service 3.0
RP1186: 16/10/2013 2:02:19 PM - Software Distribution Service 3.0
RP1187: 16/10/2013 2:09:27 PM - Software Distribution Service 3.0
RP1188: 17/10/2013 1:23:06 PM - Installed Java 7 Update 45
RP1189: 17/10/2013 2:13:58 PM - Software Distribution Service 3.0
RP1190: 18/10/2013 2:39:56 PM - System Checkpoint
RP1191: 18/10/2013 11:46:20 PM - Software Distribution Service 3.0
RP1192: 19/10/2013 8:50:16 PM - Software Distribution Service 3.0
RP1193: 19/10/2013 11:44:44 PM - Software Distribution Service 3.0
RP1194: 20/10/2013 2:10:31 AM - Software Distribution Service 3.0
RP1195: 20/10/2013 9:52:01 PM - Software Distribution Service 3.0
RP1196: 20/10/2013 11:03:34 PM - Software Distribution Service 3.0
RP1197: 21/10/2013 10:08:55 PM - Software Distribution Service 3.0
RP1198: 22/10/2013 11:30:26 PM - System Checkpoint
RP1199: 23/10/2013 8:53:22 PM - Software Distribution Service 3.0
RP1200: 24/10/2013 12:30:00 AM - Software Distribution Service 3.0
RP1201: 24/10/2013 8:55:25 PM - Software Distribution Service 3.0
RP1202: 25/10/2013 10:57:04 PM - Software Distribution Service 3.0
RP1203: 26/10/2013 10:57:16 PM - Software Distribution Service 3.0
RP1204: 27/10/2013 2:02:01 AM - Software Distribution Service 3.0
RP1205: 27/10/2013 11:26:22 PM - Software Distribution Service 3.0
RP1206: 28/10/2013 10:38:18 PM - Software Distribution Service 3.0
RP1207: 29/10/2013 6:30:03 PM - Software Distribution Service 3.0
RP1208: 30/10/2013 7:14:27 PM - System Checkpoint
RP1209: 31/10/2013 11:22:04 AM - Software Distribution Service 3.0
RP1210: 31/10/2013 11:14:05 PM - Software Distribution Service 3.0
RP1211: 1/11/2013 11:22:20 PM - Software Distribution Service 3.0
RP1212: 2/11/2013 5:23:53 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
7 Wonders of the Ancient World
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
AiO_Scan_CDA
AiOSoftwareNPI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ashampoo WinOptimizer 10 v.10.2.5
Ashampoo WinOptimizer Free v.1.0.0
ASIO4ALL
Avidemux 2.5 (32-bit)
AviSynth
Bejeweled 2 Deluxe
Bengal - Game of Gods
BeTrapped!
Bonjour
Bookworm Deluxe
Bricks of Atlantis
Bricks of Egypt
BufferChm
Cake Mania
CCleaner
Chuzzle
Compaq Connections (remove only)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CueTour
Customer Experience Enhancement
CustomerResearchQFolder
Data Fax SoftModem with SmartCP
dBpoweramp m4a Nero AAC Encoder
Destinations
DocProc
DocProcQFolder
DocumentViewer
DocumentViewerQFolder
Driver Checker v2.7.5
DVDFab 9.0.3.8 (29/04/2013)
Easy Internet Sign-up
Enhanced Multimedia Keyboard Solution
eReg
eSupportQFolder
Fax_CDA
foobar2000 v1.2.9
Foxtel GO
Free Video to iPhone Converter version 5.0.13.608
Frostwire Toolbar
FullDPAppQFolder
Gem Shop
GemMaster Mystic
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hexic
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
IncrediMail
IncrediMail 2.0
Insaniquarium Deluxe
InstantShareDevices
InstantShareDevicesMFC
iTunes
J2SE Runtime Environment 5.0 Update 6
Java 7 Update 45
Java Auto Updater
Jewel of Atlantis
Jewel Quest
Jigsaw 365
LightScribe  1.4.105.1
Logitech SetPoint 6.52
Macromedia Shockwave Player
Magic Ball 2
Magic Match
Mahjong Match
MakeMKV v1.7.9
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
MediaInfo 0.7.64
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Away Mode
Microsoft Choice Guard
Microsoft Corporation
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Money
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Works
Mosiac - Tomb of Mystery
Mozaki Blocks
Mp3tag v2.57
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Mystery Case Files - Huntsville
NewCopy_CDA
NVIDIA Control Panel 301.42
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Install Application
NVIDIA nView 136.27
NVIDIA nView Desktop Manager
NVIDIA Update 1.8.15
NVIDIA Update Components
Ocean Express
OCR Software by I.R.I.S 7.0
OptionalContentQFolder
Otto
PanoStandAlone
Pat Sajak’s Lucky Letters
PC-Doctor 5 for Windows
PhotoGallery
Photoscape Packages
Poker Superstars 2
ProductContextNPI
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QuickTime
Rainbow Web
RandMap
Readme
Realtek High Definition Audio Driver
Ricochet Lost Worlds
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2124261)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2290570)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618444)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Segoe UI
SkinsHP1
SlideShow
SlideShowMusic
Slingo
SolutionCenter
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Status
SUPERAntiSpyware
Tiks Texas Hold em
Toolbox
TrayApp
TwinhanDTV
Universal Media Server
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
UrlScan 2.5
VC80CRTRedist - 8.0.50727.6195
VLC media player 2.0.8
WebFldrs XP
WebReg
Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media  (08/31/2007 5.7.0831.0)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA  (08/31/2007 5.7.0831.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinSCP 5.0.8 RC
Wonderland - Secret Worlds
XMedia Recode version 3.1.5.5
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
28/10/2013 2:28:43 PM, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
28/10/2013 2:28:43 PM, error: SideBySide [59]  - Generate Activation Context failed for C:\Program Files\IncrediMail\Bin\MFC80U.DLL. Reference error message: The operation completed successfully. .
28/10/2013 2:28:43 PM, error: SideBySide [32]  - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
.
==== End Of File ===========================
 

 


Hello MarshallE and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

Please uninstall this application: Frostwire Toolbar

Step 2

Please follow the instructions here:

https://forums.malwarebytes.org/index.php?showtopic=10138&page=1entry181018

Next here:

https://forums.malwarebytes.org/index.php?showtopic=10138&page=1entry417944

Step 3

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

Step 5

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

Hi Borislav

Thank you for your help.

I have uninstalled Frostwire toolbar.

I followed your instructions and set exclusions for MCE and did the error checking and defrag.

I did run a scan of AdwCleaner prior to asking for help - Sorry (I have copied and pasted the first scan log [R0] and the [s1].txt you requested)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by Compaq_Administrator on Sun 03/11/2013 at 22:00:21.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/11/2013 at 22:04:20.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v3.010 - Report created 31/10/2013 at 15:27:40
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Compaq_Administrator - YOUR-C6B5E4EABC
# Running from : C:\Documents and Settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\My Documents\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : APNMCP
 
***** [ Files / Folders ] *****
 
Folder Found C:\DOCUME~1\COMPAQ~1.000\LOCALS~1\Temp\apn
Folder Found C:\DOCUME~1\COMPAQ~1.000\LOCALS~1\Temp\apn
Folder Found C:\DOCUME~1\COMPAQ~1.000\LOCALS~1\Temp\apn
Folder Found C:\DOCUME~1\COMPAQ~1.000\LOCALS~1\Temp\apn
Folder Found C:\DOCUME~1\COMPAQ~1.000\LOCALS~1\Temp\apn
Folder Found C:\Documents and Settings\All Users\Application Data\apn
Folder Found C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
Folder Found C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found C:\Documents and Settings\All Users\Application Data\BetterSoft
Folder Found C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Found C:\Documents and Settings\All Users\Application Data\ClickIT
Folder Found C:\Documents and Settings\All Users\Application Data\DriverCure
Folder Found C:\Documents and Settings\All Users\Application Data\SaveAs
Folder Found C:\Documents and Settings\All Users\Application Data\SaveAs
Folder Found C:\Documents and Settings\All Users\Application Data\SoftSafe
Folder Found C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Found C:\Documents and Settings\All Users\Start Menu\Programs\Filesubmit
Folder Found C:\Documents and Settings\All Users\Start Menu\Programs\Filesubmit
Folder Found C:\Program Files\AskPartnerNetwork
Folder Found C:\Program Files\Conduit
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{24AE5778-7C0A-40D2-AD87-A16F5B9E3125}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{24AE5778-7C0A-40D2-AD87-A16F5B9E3125}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF0118D4-63FF-4138-9327-F3028FB1A578}
Key Found : HKCU\Software\smartbar
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\ImInstaller
Key Found : HKLM\Software\InstalledThirdPartyPrograms
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v
 
-\\ Google Chrome v30.0.1599.101
 
*************************
 
AdwCleaner[R0].txt - [4608 octets] - [31/10/2013 15:27:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4668 octets] ##########
 
 
 
# AdwCleaner v3.010 - Report created 02/11/2013 at 13:26:18
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Compaq_Administrator - YOUR-C6B5E4EABC
# Running from : C:\Documents and Settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\My Documents\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v
 
-\\ Google Chrome v30.0.1599.101
 
*************************
 
AdwCleaner[R0].txt - [4748 octets] - [31/10/2013 15:27:40]
AdwCleaner[R1].txt - [907 octets] - [02/11/2013 13:25:33]
AdwCleaner[s0].txt - [4562 octets] - [31/10/2013 15:28:29]
AdwCleaner[s1].txt - [829 octets] - [02/11/2013 13:26:18]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [888 octets] ##########
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.11.03.01
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Compaq_Administrator :: YOUR-C6B5E4EABC [administrator]
 
3/11/2013 10:16:53 PM
mbam-log-2013-11-03 (22-16-53).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 262019
Time elapsed: 36 minute(s), 31 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 

Sorry, here is [s0].txt from AdwCleaner in case you require that

 

 

# AdwCleaner v3.010 - Report created 31/10/2013 at 15:28:29
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Compaq_Administrator - YOUR-C6B5E4EABC
# Running from : C:\Documents and Settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\My Documents\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : APNMCP
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\BetterSoft
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ClickIT
Folder Deleted : C:\Documents and Settings\All Users\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SaveAs
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SoftSafe
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Filesubmit
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\DOCUME~1\COMPAQ~1.000\LOCALS~1\Temp\apn
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{24AE5778-7C0A-40D2-AD87-A16F5B9E3125}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF0118D4-63FF-4138-9327-F3028FB1A578}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{24AE5778-7C0A-40D2-AD87-A16F5B9E3125}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\smartbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\Software\InstalledThirdPartyPrograms
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v
 
-\\ Google Chrome v30.0.1599.101
 
*************************
 
AdwCleaner[R0].txt - [4748 octets] - [31/10/2013 15:27:40]
AdwCleaner[s0].txt - [4422 octets] - [31/10/2013 15:28:29]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4482 octets] ##########

Thanks. I had done that already - it made no difference. I tried again re your instructions and still it made no difference. I have now uninstalled Chrome and am using Firefox.

 

I cannot seem to get any more details about the "zero char in key name" in the registry - when I click on it there's no info. Here is what it reads >

 

RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\Control\DeviceClasses\","{D7346738-AD2C-150C-B0DE-BD71A139D65F}<0x00>"
RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet002\Control\DeviceClasses\","{D7346738-AD2C-150C-B0DE-BD71A139D65F}<0x00>"
RegyKey:"Zero char in key name","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\Control\DeviceClasses\","{D7346738-AD2C-150C-B0DE-BD71A139D65F}<0x00>"

 

Is there a log I can post for you?

 

Also Malwarebytes still seems to be hanging on a FULL scan. I tried running it last night and went to bed. When I woke the duration was 8.5 hours and no files scanned. When I tried to close it, it said not responding. A quick scan seems to work though.


Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once ComboFix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

 ComboFix 13-11-10.02 - Compaq_Administrator 11/11/2013  21:58:20.2.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1982.1380 [GMT 10:00]
Running from: c:\documents and settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\My Documents\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
(((((((((((((((((((((((((   Files Created from 2013-10-11 to 2013-11-11  )))))))))))))))))))))))))))))))
.
.
2013-11-11 11:46 . 2013-10-14 06:39    7796464    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AE57321E-2D92-4B03-A0E1-6E0F5052BE2F}\mpengine.dll
2013-11-11 02:13 . 2013-11-11 11:41    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-11-11 02:13 . 2013-11-11 02:13    105176    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-11-11 02:11 . 2013-11-11 02:11    47064    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-11-10 00:59 . 2013-10-14 06:39    7796464    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-03 04:56 . 2013-04-04 04:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-11-03 04:56 . 2013-11-03 04:56    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-11-02 11:11 . 2013-09-20 00:49    18968    ----a-w-    c:\windows\system32\sdnclean.exe
2013-11-02 11:11 . 2013-11-05 14:40    --------    d-----w-    c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2013-11-02 11:10 . 2013-11-02 11:11    --------    d-----w-    c:\program files\Spybot - Search & Destroy 2
2013-11-02 07:04 . 2013-11-02 07:04    --------    d-----w-    C:\FRST
2013-11-02 03:41 . 2013-11-02 03:41    --------    d-----w-    c:\windows\ERUNT
2013-10-31 05:27 . 2013-11-06 04:16    --------    d-----w-    C:\AdwCleaner
2013-10-28 13:01 . 2013-10-28 13:07    --------    d-----w-    c:\program files\Ashampoo
2013-10-18 00:42 . 2013-10-18 01:10    --------    d-----w-    c:\documents and settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\Application Data\PhotoScape
2013-10-18 00:38 . 2013-10-18 00:38    --------    d-----w-    c:\documents and settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\Local Settings\Application Data\cache
2013-10-18 00:38 . 2013-10-18 00:53    --------    d-----w-    c:\documents and settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\Local Settings\Application Data\Mobogenie
2013-10-18 00:37 . 2013-10-18 00:37    --------    d-----w-    c:\documents and settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\Application Data\0F0W0T1V0D0L0M
2013-10-18 00:36 . 2013-10-18 01:08    --------    d-----w-    c:\program files\Mobogenie
2013-10-17 03:24 . 2013-10-07 21:50    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 18:33 . 2012-06-21 12:13    692616    -c--a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-10-09 18:33 . 2012-02-09 16:57    71048    -c--a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 21:51 . 2012-05-21 05:58    873384    -c--a-w-    c:\windows\system32\npdeployJava1.dll
2013-10-07 21:51 . 2012-02-10 08:39    796072    -c--a-w-    c:\windows\system32\deployJava1.dll
2013-10-07 21:29 . 2013-02-23 12:40    145408    ----a-w-    c:\windows\system32\javacpl.cpl
2013-09-23 18:33 . 2004-08-10 04:00    920064    ----a-w-    c:\windows\system32\wininet.dll
2013-09-23 18:33 . 2004-08-10 04:00    43520    ------w-    c:\windows\system32\licmgr10.dll
2013-09-23 18:33 . 2004-08-10 04:00    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2013-09-23 18:33 . 2004-08-10 04:00    18944    ----a-w-    c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2004-08-10 04:00    385024    ------w-    c:\windows\system32\html.iec
2013-08-29 01:31 . 2004-08-10 04:00    1878656    ----a-w-    c:\windows\system32\win32k.sys
2009-05-10 18:17 . 2012-05-13 02:45    2562048    -c--a-w-    c:\program files\tsMuxerGUI.exe
2008-05-21 02:18 . 2008-11-26 13:03    131072    -c--a-w-    c:\program files\TsRemux.exe
2008-06-30 03:44 . 2008-07-21 06:36    324976    -c--a-w-    c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-11-10 5717272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"ftutil2"="ftutil2.dll" [2004-06-07 106496]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 77312]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-18 49152]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 995176]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"DriverChecker.exe"="c:\program files\Driver Checker\DriverChecker.exe" [2012-11-08 11707336]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2238704]
"RTHDCPL"="RTHDCPL.EXE" [2012-06-06 20065936]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2013-04-30 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-01 254336]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
c:\documents and settings\Compaq_Administrator\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFileAssociate"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2013-02-08 18:30    66800    -c--a-w-    c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-10 04:00    208952    -c--a-w-    c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-02-20 02:35    152392    ----a-w-    c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 04:50    532040    ----a-w-    c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 12:12    3872080    -c--a-w-    c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-05-15 09:40    15504192    ----a-w-    c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2013-11-10 00:58    5717272    ----a-w-    c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\IPCamera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\J River\\Media Center 18\\Media Center 18.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/07/2011 2:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [13/07/2011 7:55 AM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [24/05/2013 6:11 AM 119056]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [24/06/2013 7:12 PM 12808]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2/11/2013 9:11 PM 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2/11/2013 9:11 PM 1042272]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [27/09/2012 10:20 PM 66944]
R3 DtvAudio;DtvAudio;c:\windows\system32\drivers\DtvAudio.sys [12/02/2012 2:26 PM 10330]
R3 DtvVideo;DtvVideo;c:\windows\system32\drivers\DtvVideo.sys [12/02/2012 2:31 PM 25600]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [3/01/2013 6:18 PM 44296]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [3/01/2013 6:18 PM 12808]
S0 hswlygbl;hswlygbl;c:\windows\system32\drivers\ehsof.sys --> c:\windows\system32\drivers\ehsof.sys [?]
S0 kamwka;kamwka;c:\windows\system32\drivers\lpptqqd.sys --> c:\windows\system32\drivers\lpptqqd.sys [?]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [3/11/2013 2:56 PM 418376]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/11/2013 2:56 PM 701512]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2/11/2013 9:11 PM 171416]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [3/10/2012 11:00 PM 16640]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/11/2013 2:56 PM 22856]
S3 pgusbmme;usb-audio.de MME-Adapter;c:\windows\system32\drivers\pgusbmm3.sys --> c:\windows\system32\drivers\pgusbmm3.sys [?]
S3 pgusbwdm;usb-audio.de driver  (commercial 2.8.45);c:\windows\system32\Drivers\pgusbwdm.sys --> c:\windows\system32\Drivers\pgusbwdm.sys [?]
S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys --> c:\windows\system32\drivers\CM108.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6/05/2008 4:06 PM 11520]
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 18:33]
.
2013-11-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 07:57]
.
2013-11-11 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-11-02 00:57]
.
2013-11-11 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-08-12 00:12]
.
2013-11-05 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-11-02 00:49]
.
2013-11-02 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-11-02 00:51]
.
.
------- Supplementary Scan -------
.




uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 61.9.211.1 61.9.242.33

FF - ProfilePath - c:\documents and settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\Application Data\Mozilla\Firefox\Profiles\ljua5hww.default-1383705478203\
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-PCDrProfiler - (no file)
c:\documents and settings\UpdatusUser\Start Menu\Programs\Startup\Pin.lnk - c:\hp\bin\CLOAKER.EXE c:\hp\bin\PinToStart.bat
c:\documents and settings\UpdatusUser\Start Menu\Programs\Startup\PinMcLnk.lnk - c:\hp\bin\cloaker.exe c:\hp\bin\PinMcLnkToStart.bat
Notify-SDWinLogon - SDWinLogon.dll
MSConfigStartUp-DivXUpdate - c:\program files\DivX\DivX Update\DivXUpdate.exe
AddRemove-{A04BCE0F-CCDA-6340-DD63-02F908A08895} - c:\docume~1\ALLUSE~1\APPLIC~1\INSTAL~3\{01F9E169-ADBD-4757-A5BC-E59FDA1AC39F}\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-11 22:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(732)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(1964)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-11-11  22:07:20
ComboFix-quarantined-files.txt  2013-11-11 12:07
.
Pre-Run: 49,906,384,896 bytes free
Post-Run: 50,035,879,936 bytes free
.
- - End Of File - - AB8D421760444AF8FE6577D930440606
D11C727E03BB7318DCDA069B06E652F0
 


Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the ESET Smart Installer icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Thanks again

21 hours later  :o   Here is what it found

 

C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\SaveAs\510508f393149.dll.vir    a variant of Win32/Adware.MultiPlug.I application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Conduit\CT2724386\IncrediMail_MediaBar_2AutoUpdateHelper.exe    Win32/Toolbar.Conduit.Q application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IncrediMail_MediaBar_2\tbInc2.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IncrediMail_MediaBar_2\tbIncr.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Vuze_Remote\ldrtbVuz0.dll    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Vuze_Remote\tbVuz0.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Vuze_Remote\tbVuze.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\Application Data\0F0W0T1V0D0L0M\Photoscape Packages\uninstaller.exe    Win32/InstallCore.AZ application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Administrator.YOUR-C6B5E4EABC.000\My Documents\Downloads\cbsidlm-cbsi134-Ashampoo_Registry_Cleaner-BP-75408896.exe    probably a variant of Win32/CNETInstaller.A application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Ashampoo_US\ldrtbAsha.dll    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Ashampoo_US\tbAsha.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\IncrediMail_MediaBar_2\ldrtbInc0.dll    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\IncrediMail_MediaBar_2\ldrtbIncr.dll    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\IncrediMail_MediaBar_2\tbInc0.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\IncrediMail_MediaBar_2\tbIncr.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Vuze_Remote\ldrtbVuz0.dll    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Vuze_Remote\tbVuz0.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Vuze_Remote\tbVuze.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
 


I'm so sorry the scan took such a long time.

Please locate and manually delete the following folders:

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Conduit

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\IncrediMail_MediaBar_2

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Vuze_Remote

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Ashampoo_US

Reboot your system and let me know how things are then.


Apologies for the delayed reply.

 

This seems to have made my computer a lot more responsive. Thank you.

 

However, Malwarebytes is still taking a very long time to complete a full scan. It doesn't appear to be hanging but we are taking 20+ hours. Is there a way to fix this?

I will reinstall Chrome and test.

Also, can I delete everything that the ESET scan found above or just what you have suggested?

You have been a big help, thank you. I will be donating.


Try to reinstall Malwarebytes:

  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer; please allow it to do so (very important)
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.

      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now set up any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQs here or ask and we'll explain how to do it.


  • 4 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
