DHS ICE Ransomeware on old desktop!

[Dbriem]

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AMJ15OO2\WSSetup[1].exe multiple threats

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QF4ST24S\update[1] multiple threats

C:\Documents and Settings\Owner\Local Settings\Temp\dlm1D.tmp\DownloadXPro.exe Win32/OpenCandy application

C:\Documents and Settings\Owner\My Documents\cbsidlm-cbsi145-DownloadX_ActiveX_Download_Control-SEO-10911713.exe a variant of Win32/CNETInstaller.B application

C:\Documents and Settings\User\Local Settings\Temp\Optimizer_Pro.exe multiple threats

C:\Documents and Settings\User\Local Settings\Temp\551BF67B-BAB0-7891-9472-782349FD0755\Latest\ccp.exe Win32/Toolbar.Babylon.M application

C:\Documents and Settings\User\Local Settings\Temp\551BF67B-BAB0-7891-9472-782349FD0755\Latest\IEHelper.dll Win32/Toolbar.Babylon.E application

C:\Documents and Settings\User\Local Settings\Temp\ins2717\OptimizerPro.exe probably a variant of Win32/SpeedingUpMyPC.B application

C:\Documents and Settings\User\Local Settings\Temp\scoped_dir_5140_29369\CRX_INSTALL\background.html Win32/Toolbar.Perion.D application

C:\Program Files\Driver Pro\DPSmartScan.exe a variant of Win32/Adware.SpeedingUpMyPC.C application

C:\WINDOWS\Temp\dpsetup.exe a variant of Win32/Adware.SpeedingUpMyPC.C application

C:\WINDOWS\Temp\INJ001\ExtensionUpdate.exe multiple threats

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-12-2013

Ran by Owner (administrator) on CUSTOM on 01-12-2013 16:57:25

Running from C:\Documents and Settings\Owner\Desktop

Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)

Internet Explorer Version 6

Boot Mode: Normal

 

==================== Processes (Whitelisted) ===================

 

(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Farbar) C:\Documents and Settings\Owner\Desktop\FRST (1).exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

MountPoints2: {b31247aa-5086-11e3-affb-806d6172696f} - D:\SETUP.EXE /AUTORUN

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk

ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE8MSE&PC=UP09

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8MSE&PC=UP09

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKLM - DefaultScope value is missing.

ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8462848 2012-06-08] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\gbcac4do.default

 

Chrome: 

=======

CHR Extension: (Google Docs) - C:\DOCUME~1\Owner\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\DOCUME~1\Owner\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\DOCUME~1\Owner\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\DOCUME~1\Owner\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Google Wallet) - C:\DOCUME~1\Owner\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

CHR Extension: (Gmail) - C:\DOCUME~1\Owner\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

 

========================== Services (Whitelisted) =================

 

S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

 

==================== Drivers (Whitelisted) ====================

 

R3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)

R3 EL90XBC; C:\Windows\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)

R3 gameenum; C:\Windows\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)

R3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-10-30] (HP)

R3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-10-30] (HP)

R3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-10-30] (HP)

S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

R3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)

U1 WS2IFSL; 

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-12-01 16:57 - 2013-12-01 16:58 - 00005292 ____C C:\Documents and Settings\Owner\Desktop\FRST.txt

2013-12-01 16:57 - 2013-12-01 16:57 - 00000000 ___DC C:\FRST

2013-12-01 16:56 - 2013-12-01 16:56 - 01092389 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST (1).exe

2013-12-01 02:22 - 2013-12-01 02:23 - 00000000 ____D C:\WINDOWS\system32\NtmsData

2013-11-30 02:38 - 2013-11-30 02:38 - 00000000 ____D C:\Program Files\ESET

2013-11-28 19:29 - 2013-11-28 19:29 - 00000000 __SHD C:\Documents and Settings\Owner\IECompatCache

2013-11-28 11:25 - 2013-11-28 11:25 - 00002020 ____C C:\Documents and Settings\Owner\Desktop\RKreport[0]_D_11282013_112539.txt

2013-11-28 11:24 - 2013-11-28 11:24 - 00001975 ____C C:\Documents and Settings\Owner\Desktop\RKreport[0]_S_11282013_112418.txt

2013-11-28 08:07 - 2013-11-28 08:07 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Google

2013-11-28 03:26 - 2013-11-28 03:26 - 00000000 _SHDC C:\Documents and Settings\LocalService.NT AUTHORITY\IETldCache

2013-11-27 15:42 - 2013-11-27 15:42 - 00001942 ____C C:\Documents and Settings\Owner\Desktop\RKreport[0]_S_11272013_154247.txt

2013-11-27 15:40 - 2013-11-28 11:26 - 00000000 ____D C:\Documents and Settings\Owner\Desktop\RK_Quarantine

2013-11-27 12:24 - 2013-11-27 12:24 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\DownloadX ActiveX Download Control 1.6

2013-11-27 12:24 - 2013-11-27 12:24 - 00000000 ____D C:\Program Files\DownloadXCtrl.com

2013-11-27 12:06 - 2013-11-27 12:23 - 00923784 _____ (CNET Download.com) C:\Documents and Settings\Owner\My Documents\cbsidlm-cbsi145-DownloadX_ActiveX_Download_Control-SEO-10911713.exe

2013-11-27 12:01 - 2013-11-27 12:01 - 00000000 __SHD C:\Documents and Settings\Owner\PrivacIE

2013-11-27 02:51 - 2013-11-27 02:53 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\MFAData

2013-11-27 02:51 - 2013-11-27 02:51 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData

2013-11-27 02:51 - 2013-11-27 02:51 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2014

2013-11-27 02:48 - 2013-11-27 02:48 - 00000000 ____D C:\Program Files\MSECache

2013-11-27 02:38 - 2013-11-27 02:38 - 00000104 ____C C:\Documents and Settings\Owner\Desktop\Shortcut to My Computer.lnk

2013-11-27 02:32 - 2013-11-27 02:49 - 00002497 ____C C:\Documents and Settings\Owner\Desktop\Microsoft Office Word 2003.lnk

2013-11-27 02:32 - 2013-11-27 02:32 - 00000000 ____D C:\Program Files\Microsoft ActiveSync

2013-11-27 02:28 - 2013-11-27 02:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$

2013-11-27 02:27 - 2013-11-27 02:27 - 00006015 _____ C:\WINDOWS\KB2900986.log

2013-11-27 02:27 - 2013-11-27 02:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$

2013-11-27 02:26 - 2013-11-27 02:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$

2013-11-27 02:26 - 2013-11-27 02:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$

2013-11-27 02:14 - 2013-11-27 02:28 - 00013000 _____ C:\WINDOWS\KB2868626.log

2013-11-27 02:13 - 2013-11-27 02:26 - 00011927 _____ C:\WINDOWS\KB2862152.log

2013-11-27 02:13 - 2013-11-27 02:26 - 00011748 _____ C:\WINDOWS\KB2876331.log

2013-11-27 01:38 - 2013-11-27 03:03 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\Apple Computer

2013-11-27 01:38 - 2013-11-27 01:38 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Apple Computer

2013-11-27 01:31 - 2013-11-27 01:31 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\WinRAR

2013-11-27 01:30 - 2013-11-27 01:30 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR

2013-11-27 01:30 - 2013-11-27 01:30 - 00000000 ____D C:\Program Files\WinRAR

2013-11-27 01:30 - 2013-11-27 01:30 - 00000000 ____D C:\Documents and Settings\Owner\Start Menu\Programs\WinRAR

2013-11-27 01:08 - 2013-11-27 01:16 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\Mozilla

2013-11-27 01:08 - 2013-11-27 01:08 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla

2013-11-27 01:07 - 2013-11-27 01:07 - 00000730 ____C C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

2013-11-27 01:07 - 2013-11-27 01:07 - 00000724 ____C C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

2013-11-27 01:07 - 2013-11-27 01:07 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Mozilla

2013-11-27 01:07 - 2013-11-27 01:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

2013-11-27 01:06 - 2013-11-27 01:06 - 00282904 _____ (Mozilla) C:\Documents and Settings\Owner\My Documents\Firefox Setup Stub 25.0.1.exe

2013-11-27 00:56 - 2013-11-27 00:56 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)

2013-11-27 00:51 - 2013-11-27 11:35 - 00000000 ___DC C:\Documents and Settings\Owner\Desktop\mbar

2013-11-27 00:51 - 2013-11-27 00:51 - 00047064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2013-11-27 00:43 - 2013-11-27 00:43 - 00000784 ____C C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-27 00:43 - 2013-11-27 00:43 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

2013-11-27 00:43 - 2013-11-27 00:43 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-11-27 00:43 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2013-11-27 00:42 - 2013-11-27 02:50 - 00045912 _____ C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2013-11-27 00:41 - 2013-11-26 17:40 - 10285040 ____C (Malwarebytes Corporation                                    ) C:\Documents and Settings\Owner\Desktop\mbam-setup-1.75.0.1300 (1).exe

2013-11-27 00:41 - 2013-11-26 17:37 - 00688992 ___RC (Swearware) C:\Documents and Settings\Owner\Desktop\dds.scr

2013-11-25 16:29 - 2013-11-25 16:29 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\Malwarebytes

2013-11-25 16:18 - 2013-11-25 16:18 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Apple

2013-11-18 12:24 - 2013-11-18 12:24 - 00000767 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk

2013-11-18 12:23 - 2013-11-18 12:24 - 00000738 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk

2013-11-18 12:23 - 2013-11-18 12:23 - 00000000 __SHD C:\Documents and Settings\Owner\IETldCache

2013-11-18 12:22 - 2013-11-28 19:29 - 00000000 ___DC C:\Documents and Settings\Owner

2013-11-18 12:22 - 2013-11-28 03:26 - 00000000 _SHDC C:\Documents and Settings\LocalService.NT AUTHORITY

2013-11-18 12:22 - 2013-11-28 03:24 - 00000178 __SHC C:\Documents and Settings\Owner\ntuser.ini

2013-11-18 12:22 - 2013-11-18 12:43 - 00000788 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk

2013-11-18 12:22 - 2013-11-18 12:23 - 00000000 ___RD C:\Documents and Settings\Owner\Start Menu\Programs\Accessories

2013-11-18 12:22 - 2013-11-18 12:22 - 00000020 __SHC C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.ini

2013-11-18 12:22 - 2013-11-18 12:22 - 00000020 __SHC C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.ini

2013-11-18 12:22 - 2013-11-18 12:22 - 00000000 _SHDC C:\Documents and Settings\NetworkService.NT AUTHORITY

2013-11-18 12:22 - 2012-11-25 03:12 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft Help

2013-11-18 12:22 - 2012-11-14 09:54 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\Macromedia

2013-11-18 12:22 - 2012-11-13 12:49 - 00001599 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Remote Assistance.lnk

2013-11-18 04:49 - 2013-11-18 04:58 - 00000000 ____D C:\WINDOWS\tmp

2013-11-07 09:07 - 2013-11-07 09:07 - 00000023 ____C C:\.directory.lock

2013-11-07 09:07 - 2013-11-07 09:07 - 00000000 ____C C:\.directorycl5632.new

2013-11-06 19:57 - 2013-11-06 19:57 - 00001190 _____ C:\WINDOWS\system32\ServiceConfig.xml

2013-11-04 16:32 - 2013-11-04 16:32 - 00165121 ____C C:\Documents and Settings\All Users\Application Data\f8a04_l

2013-11-04 16:32 - 2013-11-04 16:32 - 00165121 _____ C:\Documents and Settings\User\Application Data\f8a04_l

2013-11-04 16:32 - 2013-11-04 16:32 - 00000393 ____C C:\Documents and Settings\All Users\Application Data\w9qqfrbn.reg

2013-11-04 16:26 - 2013-11-17 14:09 - 95025368 ___CT C:\Documents and Settings\All Users\Application Data\w9qqfrbn.bxx

2013-11-04 16:26 - 2013-11-17 14:09 - 00000000 ____C C:\Documents and Settings\All Users\Application Data\w9qqfrbn.fvv

 

==================== One Month Modified Files and Folders =======

 

2013-12-01 16:58 - 2013-12-01 16:57 - 00005292 ____C C:\Documents and Settings\Owner\Desktop\FRST.txt

2013-12-01 16:57 - 2013-12-01 16:57 - 00000000 ___DC C:\FRST

2013-12-01 16:56 - 2013-12-01 16:56 - 01092389 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST (1).exe

2013-12-01 16:56 - 2013-09-20 09:11 - 00000424 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{11E5AB39-BE45-46BC-B1D3-C26FF6C355BF}.job

2013-12-01 16:56 - 2012-11-13 13:29 - 00000420 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{3732893A-D075-4DDC-B360-266B24E44125}.job

2013-12-01 16:37 - 2012-11-13 13:04 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-12-01 16:20 - 2013-01-01 22:48 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-12-01 16:16 - 2012-11-13 12:53 - 00032244 _____ C:\WINDOWS\SchedLgU.Txt

2013-12-01 11:13 - 2012-11-13 12:47 - 01132027 _____ C:\WINDOWS\WindowsUpdate.log

2013-12-01 02:36 - 2013-09-20 06:22 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

2013-12-01 02:23 - 2013-12-01 02:22 - 00000000 ____D C:\WINDOWS\system32\NtmsData

2013-12-01 02:18 - 2012-11-13 05:21 - 01217048 _____ C:\WINDOWS\FaxSetup.log

2013-12-01 02:18 - 2012-11-13 05:21 - 00605384 _____ C:\WINDOWS\ocgen.log

2013-12-01 02:18 - 2012-11-13 05:21 - 00473692 _____ C:\WINDOWS\tsoc.log

2013-12-01 02:18 - 2012-11-13 05:21 - 00415575 _____ C:\WINDOWS\comsetup.log

2013-12-01 02:18 - 2012-11-13 05:21 - 00252052 _____ C:\WINDOWS\ntdtcsetup.log

2013-12-01 02:18 - 2012-11-13 05:21 - 00193012 _____ C:\WINDOWS\iis6.log

2013-12-01 02:18 - 2012-11-13 05:21 - 00068403 _____ C:\WINDOWS\ocmsn.log

2013-12-01 02:18 - 2012-11-13 05:21 - 00061676 _____ C:\WINDOWS\msgsocm.log

2013-12-01 02:18 - 2012-11-13 05:21 - 00001917 _____ C:\WINDOWS\imsins.log

2013-12-01 02:18 - 2012-11-13 05:18 - 00669562 _____ C:\WINDOWS\setupapi.log

2013-12-01 02:17 - 2012-11-24 09:10 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office

2013-12-01 02:16 - 2012-11-17 17:56 - 00000000 ____D C:\WINDOWS\SHELLNEW

2013-12-01 02:08 - 2012-11-13 05:18 - 00177942 _____ C:\WINDOWS\setupact.log

2013-12-01 02:05 - 2012-11-13 05:24 - 00000159 _____ C:\WINDOWS\wiadebug.log

2013-12-01 02:04 - 2013-01-01 22:48 - 00000878 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2013-12-01 02:04 - 2012-11-13 12:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2013-12-01 02:04 - 2012-11-13 05:24 - 00000049 _____ C:\WINDOWS\wiaservc.log

2013-12-01 02:04 - 2001-08-18 05:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl

2013-11-30 02:38 - 2013-11-30 02:38 - 00000000 ____D C:\Program Files\ESET

2013-11-30 01:25 - 2013-01-01 22:54 - 00000000 ___DC C:\Documents and Settings\Owner\Desktop\Google Chrome

2013-11-28 19:29 - 2013-11-28 19:29 - 00000000 __SHD C:\Documents and Settings\Owner\IECompatCache

2013-11-28 19:29 - 2013-11-18 12:22 - 00000000 ___DC C:\Documents and Settings\Owner

2013-11-28 19:22 - 2012-11-13 12:44 - 00000000 __RDC C:\Documents and Settings\All Users\Start Menu\Programs\Games

2013-11-28 19:22 - 2012-11-13 12:44 - 00000000 ____D C:\Program Files\Online Services

2013-11-28 19:22 - 2012-11-13 05:21 - 00524218 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2013-11-28 19:22 - 2012-11-13 05:21 - 00004625 _____ C:\WINDOWS\imsins.BAK

2013-11-28 18:52 - 2012-11-13 05:12 - 00000000 ____D C:\WINDOWS\Help

2013-11-28 11:26 - 2013-11-27 15:40 - 00000000 ____D C:\Documents and Settings\Owner\Desktop\RK_Quarantine

2013-11-28 11:25 - 2013-11-28 11:25 - 00002020 ____C C:\Documents and Settings\Owner\Desktop\RKreport[0]_D_11282013_112539.txt

2013-11-28 11:24 - 2013-11-28 11:24 - 00001975 ____C C:\Documents and Settings\Owner\Desktop\RKreport[0]_S_11282013_112418.txt

2013-11-28 08:45 - 2012-12-22 09:11 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2013-11-28 08:07 - 2013-11-28 08:07 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Google

2013-11-28 03:26 - 2013-11-28 03:26 - 00000000 _SHDC C:\Documents and Settings\LocalService.NT AUTHORITY\IETldCache

2013-11-28 03:26 - 2013-11-18 12:22 - 00000000 _SHDC C:\Documents and Settings\LocalService.NT AUTHORITY

2013-11-28 03:24 - 2013-11-18 12:22 - 00000178 __SHC C:\Documents and Settings\Owner\ntuser.ini

2013-11-28 03:06 - 2012-11-13 12:46 - 00000000 ____D C:\WINDOWS\system32\Restore

2013-11-27 15:42 - 2013-11-27 15:42 - 00001942 ____C C:\Documents and Settings\Owner\Desktop\RKreport[0]_S_11272013_154247.txt

2013-11-27 15:21 - 2013-09-20 11:04 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\OMG Total Protection

2013-11-27 12:28 - 2012-11-14 09:43 - 00002404 _____ C:\WINDOWS\system32\d3d9caps.dat

2013-11-27 12:24 - 2013-11-27 12:24 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\DownloadX ActiveX Download Control 1.6

2013-11-27 12:24 - 2013-11-27 12:24 - 00000000 ____D C:\Program Files\DownloadXCtrl.com

2013-11-27 12:23 - 2013-11-27 12:06 - 00923784 _____ (CNET Download.com) C:\Documents and Settings\Owner\My Documents\cbsidlm-cbsi145-DownloadX_ActiveX_Download_Control-SEO-10911713.exe

2013-11-27 12:01 - 2013-11-27 12:01 - 00000000 __SHD C:\Documents and Settings\Owner\PrivacIE

2013-11-27 11:47 - 2012-11-13 12:45 - 00000000 ____D C:\WINDOWS\Registration

2013-11-27 11:35 - 2013-11-27 00:51 - 00000000 ___DC C:\Documents and Settings\Owner\Desktop\mbar

2013-11-27 11:27 - 2012-11-13 17:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982665$

2013-11-27 03:03 - 2013-11-27 01:38 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\Apple Computer

2013-11-27 03:01 - 2012-12-12 03:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2779030$

2013-11-27 03:01 - 2012-11-13 13:19 - 00014662 _____ C:\WINDOWS\spupdsvc.log

2013-11-27 03:01 - 2012-11-13 05:18 - 00204120 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-11-27 02:53 - 2013-11-27 02:51 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\MFAData

2013-11-27 02:51 - 2013-11-27 02:51 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData

2013-11-27 02:51 - 2013-11-27 02:51 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2014

2013-11-27 02:50 - 2013-11-27 00:42 - 00045912 _____ C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2013-11-27 02:49 - 2013-11-27 02:32 - 00002497 ____C C:\Documents and Settings\Owner\Desktop\Microsoft Office Word 2003.lnk

2013-11-27 02:48 - 2013-11-27 02:48 - 00000000 ____D C:\Program Files\MSECache

2013-11-27 02:38 - 2013-11-27 02:38 - 00000104 ____C C:\Documents and Settings\Owner\Desktop\Shortcut to My Computer.lnk

2013-11-27 02:33 - 2012-11-17 18:01 - 00000376 _____ C:\WINDOWS\ODBC.INI

2013-11-27 02:32 - 2013-11-27 02:32 - 00000000 ____D C:\Program Files\Microsoft ActiveSync

2013-11-27 02:32 - 2012-11-13 05:21 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-11-27 02:29 - 2012-11-17 17:56 - 00000000 ____D C:\Program Files\Microsoft Office

2013-11-27 02:28 - 2013-11-27 02:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$

2013-11-27 02:28 - 2013-11-27 02:14 - 00013000 _____ C:\WINDOWS\KB2868626.log

2013-11-27 02:28 - 2013-07-12 02:31 - 00015966 _____ C:\WINDOWS\KB2834886.log

2013-11-27 02:28 - 2012-11-13 17:42 - 00041997 _____ C:\WINDOWS\KB2659262.log

2013-11-27 02:28 - 2012-11-13 17:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2659262$

2013-11-27 02:28 - 2012-11-13 13:18 - 00088597 _____ C:\WINDOWS\updspapi.log

2013-11-27 02:27 - 2013-11-27 02:27 - 00006015 _____ C:\WINDOWS\KB2900986.log

2013-11-27 02:27 - 2013-11-27 02:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$

2013-11-27 02:27 - 2013-07-12 02:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$

2013-11-27 02:27 - 2012-11-13 17:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2686509$

2013-11-27 02:27 - 2012-11-13 17:42 - 00047487 _____ C:\WINDOWS\KB2686509.log

2013-11-27 02:26 - 2013-11-27 02:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$

2013-11-27 02:26 - 2013-11-27 02:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$

2013-11-27 02:26 - 2013-11-27 02:13 - 00011927 _____ C:\WINDOWS\KB2862152.log

2013-11-27 02:26 - 2013-11-27 02:13 - 00011748 _____ C:\WINDOWS\KB2876331.log

2013-11-27 02:26 - 2012-11-13 17:41 - 00044141 _____ C:\WINDOWS\KB2603381.log

2013-11-27 02:26 - 2012-11-13 17:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2603381$

2013-11-27 02:26 - 2012-11-13 17:39 - 00042734 _____ C:\WINDOWS\KB2570947.log

2013-11-27 02:26 - 2012-11-13 17:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2570947$

2013-11-27 02:26 - 2012-11-13 13:19 - 00051107 _____ C:\WINDOWS\KB2467659.log

2013-11-27 02:26 - 2012-11-13 13:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2467659$

2013-11-27 02:25 - 2013-09-20 05:06 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-11-27 02:25 - 2012-11-26 03:11 - 00011289 _____ C:\WINDOWS\KB929399.log

2013-11-27 02:25 - 2012-11-26 03:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929399$

2013-11-27 02:20 - 2012-11-13 13:15 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2013-11-27 02:19 - 2012-11-13 05:12 - 00000000 ____D C:\WINDOWS\system

2013-11-27 02:12 - 2012-11-13 16:55 - 00014088 _____ C:\WINDOWS\KB898461.log

2013-11-27 02:11 - 2012-11-13 16:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB898461$

2013-11-27 01:38 - 2013-11-27 01:38 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Apple Computer

2013-11-27 01:31 - 2013-11-27 01:31 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\WinRAR

2013-11-27 01:30 - 2013-11-27 01:30 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR

2013-11-27 01:30 - 2013-11-27 01:30 - 00000000 ____D C:\Program Files\WinRAR

2013-11-27 01:30 - 2013-11-27 01:30 - 00000000 ____D C:\Documents and Settings\Owner\Start Menu\Programs\WinRAR

2013-11-27 01:16 - 2013-11-27 01:08 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\Mozilla

2013-11-27 01:08 - 2013-11-27 01:08 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla

2013-11-27 01:07 - 2013-11-27 01:07 - 00000730 ____C C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

2013-11-27 01:07 - 2013-11-27 01:07 - 00000724 ____C C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

2013-11-27 01:07 - 2013-11-27 01:07 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Mozilla

2013-11-27 01:07 - 2013-11-27 01:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

2013-11-27 01:07 - 2012-11-20 23:26 - 00000000 ____D C:\Program Files\Mozilla Firefox

2013-11-27 01:06 - 2013-11-27 01:06 - 00282904 _____ (Mozilla) C:\Documents and Settings\Owner\My Documents\Firefox Setup Stub 25.0.1.exe

2013-11-27 00:56 - 2013-11-27 00:56 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)

2013-11-27 00:51 - 2013-11-27 00:51 - 00047064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2013-11-27 00:43 - 2013-11-27 00:43 - 00000784 ____C C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-27 00:43 - 2013-11-27 00:43 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

2013-11-27 00:43 - 2013-11-27 00:43 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-11-26 17:40 - 2013-11-27 00:41 - 10285040 ____C (Malwarebytes Corporation                                    ) C:\Documents and Settings\Owner\Desktop\mbam-setup-1.75.0.1300 (1).exe

2013-11-26 17:37 - 2013-11-27 00:41 - 00688992 ___RC (Swearware) C:\Documents and Settings\Owner\Desktop\dds.scr

2013-11-25 16:29 - 2013-11-25 16:29 - 00000000 ___DC C:\Documents and Settings\Owner\Application Data\Malwarebytes

2013-11-25 16:26 - 2012-11-13 13:30 - 00013646 _____ C:\WINDOWS\system32\wpa.bak

2013-11-25 16:26 - 2012-11-13 12:53 - 00008192 _____ C:\WINDOWS\REGLOCS.OLD

2013-11-25 16:18 - 2013-11-25 16:18 - 00000000 ____D C:\Documents and Settings\Owner\Local Settings\Application Data\Apple

2013-11-25 08:29 - 2012-11-17 22:38 - 00000000 ____D C:\unzipped

2013-11-18 12:43 - 2013-11-18 12:22 - 00000788 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk

2013-11-18 12:43 - 2012-11-13 12:44 - 00013616 _____ C:\WINDOWS\wmsetup.log

2013-11-18 12:24 - 2013-11-18 12:24 - 00000767 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk

2013-11-18 12:24 - 2013-11-18 12:23 - 00000738 _____ C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk

2013-11-18 12:23 - 2013-11-18 12:23 - 00000000 __SHD C:\Documents and Settings\Owner\IETldCache

2013-11-18 12:23 - 2013-11-18 12:22 - 00000000 ___RD C:\Documents and Settings\Owner\Start Menu\Programs\Accessories

2013-11-18 12:23 - 2001-08-18 05:00 - 00000638 _____ C:\WINDOWS\win.ini

2013-11-18 12:22 - 2013-11-18 12:22 - 00000020 __SHC C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.ini

2013-11-18 12:22 - 2013-11-18 12:22 - 00000020 __SHC C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.ini

2013-11-18 12:22 - 2013-11-18 12:22 - 00000000 _SHDC C:\Documents and Settings\NetworkService.NT AUTHORITY

2013-11-18 04:58 - 2013-11-18 04:49 - 00000000 ____D C:\WINDOWS\tmp

2013-11-18 03:30 - 2012-11-13 05:17 - 00000392 _RSHC C:\boot.ini

2013-11-17 14:09 - 2013-11-04 16:26 - 95025368 ___CT C:\Documents and Settings\All Users\Application Data\w9qqfrbn.bxx

2013-11-17 14:09 - 2013-11-04 16:26 - 00000000 ____C C:\Documents and Settings\All Users\Application Data\w9qqfrbn.fvv

2013-11-17 14:08 - 2012-11-13 05:17 - 08388608 _____ C:\WINDOWS\system32\config\system.bak

2013-11-16 01:43 - 2012-11-13 12:55 - 00000178 ___SH C:\Documents and Settings\User\ntuser.ini

2013-11-07 09:07 - 2013-11-07 09:07 - 00000023 ____C C:\.directory.lock

2013-11-07 09:07 - 2013-11-07 09:07 - 00000000 ____C C:\.directorycl5632.new

2013-11-06 19:57 - 2013-11-06 19:57 - 00001190 _____ C:\WINDOWS\system32\ServiceConfig.xml

2013-11-04 16:32 - 2013-11-04 16:32 - 00165121 ____C C:\Documents and Settings\All Users\Application Data\f8a04_l

2013-11-04 16:32 - 2013-11-04 16:32 - 00165121 _____ C:\Documents and Settings\User\Application Data\f8a04_l

2013-11-04 16:32 - 2013-11-04 16:32 - 00000393 ____C C:\Documents and Settings\All Users\Application Data\w9qqfrbn.reg

 

Some content of TEMP:

====================

C:\Documents and Settings\Owner\Local Settings\Temp\ntdll_dump.dll

C:\Documents and Settings\User\Local Settings\Temp\FLVPlayerSetup.exe

C:\Documents and Settings\User\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe

C:\Documents and Settings\User\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe

C:\Documents and Settings\User\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe

C:\Documents and Settings\User\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe

C:\Documents and Settings\User\Local Settings\Temp\Optimizer_Pro.exe

C:\Documents and Settings\User\Local Settings\Temp\ose00000.exe

C:\Documents and Settings\User\Local Settings\Temp\setup_wm.exe

C:\Documents and Settings\User\Local Settings\Temp\The_Weather_Channel_Application.exe

C:\Documents and Settings\User\Local Settings\Temp\uninst1.exe

C:\Documents and Settings\User\Local Settings\Temp\vlc-2.0.2-win32.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

==================== End Of Log ============================

[Psychotic]

Fix with FRST (normal mode)

• Open notepad (Start =>All Programs => Accessories => Notepad).
• Please copy the entire contents of the code box below.
  (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
• Save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt.
  
  

  C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AMJ15OO2C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QF4ST24SC:\Documents and Settings\Owner\Local Settings\Temp\dlm1D.tmpC:\Documents and Settings\Owner\My Documents\cbsidlm-cbsi145-DownloadX_ActiveX_Download_Control-SEO-10911713.exeC:\Documents and Settings\User\Local Settings\Temp\Optimizer_Pro.exeC:\Documents and Settings\User\Local Settings\Temp\551BF67B-BAB0-7891-9472-782349FD0755C:\Documents and Settings\User\Local Settings\Temp\ins2717\OptimizerPro.exeC:\Documents and Settings\User\Local Settings\Temp\scoped_dir_5140_29369C:\Program Files\Driver ProC:\WINDOWS\Temp\dpsetup.exeC:\WINDOWS\Temp\INJ001\ExtensionUpdate.exe

  NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
• Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
• The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.
  

 

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.

• Run adwcleaner.exe
• Hit Scan and wait for the scan to finish.
• Confirm the message but don´t uncheck anything.
• Hit Clean
• When the run is finished, it will open up a text file
• Please post its contents within your next reply
• You´ll find the log file at C:\AdwCleaner[s1].txt also
  

SecurityCheck

Please download SecurityCheck: LINK1 LINK2

• Save it to your desktop, start it and follow the instructions in the window.
• After the scan finished the (checkup.txt) will open. Copy its content to your thread.
  

[Dbriem]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-12-2013

Ran by Owner at 2013-12-07 18:35:48 Run:1

Running from C:\Documents and Settings\Owner\Desktop

Boot Mode: Normal

 

==============================================

 

Content of fixlist:

*****************

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AMJ15OO2

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QF4ST24S

C:\Documents and Settings\Owner\Local Settings\Temp\dlm1D.tmp

C:\Documents and Settings\Owner\My Documents\cbsidlm-cbsi145-DownloadX_ActiveX_Download_Control-SEO-10911713.exe

C:\Documents and Settings\User\Local Settings\Temp\Optimizer_Pro.exe

C:\Documents and Settings\User\Local Settings\Temp\551BF67B-BAB0-7891-9472-782349FD0755

C:\Documents and Settings\User\Local Settings\Temp\ins2717\OptimizerPro.exe

C:\Documents and Settings\User\Local Settings\Temp\scoped_dir_5140_29369

C:\Program Files\Driver Pro

C:\WINDOWS\Temp\dpsetup.exe

C:\WINDOWS\Temp\INJ001\ExtensionUpdate.exe

*****************

 

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AMJ15OO2 => Moved successfully.

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\QF4ST24S => Moved successfully.

C:\Documents and Settings\Owner\Local Settings\Temp\dlm1D.tmp => Moved successfully.

C:\Documents and Settings\Owner\My Documents\cbsidlm-cbsi145-DownloadX_ActiveX_Download_Control-SEO-10911713.exe => Moved successfully.

C:\Documents and Settings\User\Local Settings\Temp\Optimizer_Pro.exe => Moved successfully.

C:\Documents and Settings\User\Local Settings\Temp\551BF67B-BAB0-7891-9472-782349FD0755 => Moved successfully.

C:\Documents and Settings\User\Local Settings\Temp\ins2717\OptimizerPro.exe => Moved successfully.

C:\Documents and Settings\User\Local Settings\Temp\scoped_dir_5140_29369 => Moved successfully.

C:\Program Files\Driver Pro => Moved successfully.

C:\WINDOWS\Temp\dpsetup.exe => Moved successfully.

C:\WINDOWS\Temp\INJ001\ExtensionUpdate.exe => Moved successfully.

 

==== End of Fixlog ====

 

 

 

# AdwCleaner v3.014 - Report created 07/12/2013 at 18:39:44

# Updated 01/12/2013 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Owner - CUSTOM

# Running from : C:\Documents and Settings\Owner\Desktop\adwcleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon

Folder Deleted : C:\Documents and Settings\All Users\Application Data\BitGuard

File Deleted : C:\END

File Deleted : C:\Program Files\Mozilla Firefox\user.js

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

 

-\\ Mozilla Firefox v

 

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\gbcac4do.default\prefs.js ]

 

 

-\\ Google Chrome v

 

[ File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [1165 octets] - [07/12/2013 18:37:34]

AdwCleaner[s0].txt - [1098 octets] - [07/12/2013 18:39:44]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1158 octets] ##########

 

 

 

 Results of screen317's Security Check version 0.99.77  

 Windows XP Service Pack 3 x86   

 Internet Explorer 6 Out of date! 

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Security Center service is not running! This report may not be accurate! 

 Windows Firewall Enabled!  

 ESET Online Scanner v3   

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 Google Chrome 30.0.1599.101  

 Google Chrome 30.0.1599.69  

````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Malwarebytes' Anti-Malware mbamscheduler.exe   

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:: 44% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log`````````````````````` 

 

 

 

 

 

[Psychotic]

Your system is clean now!

 

 

Internet Explorer out of date

Your version of Internet Explorer is outdated.

1. Please download IE 8 from http://windows.microsoft.com/en-US/internet-explorer/downloads/ie-8.
2. Save it to your desktop.
3. Double click on the file on your desktop to start the installation process.
4. Reboot

 

 

Also, if your C drive is NOT an SSD drive, defrag it using the windows internal defrag program.

 

 

Uninstall our tools using delfix

Please follow these steps in order:

1. In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
2. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.
3. In any case please download delfix to your desktop.
   
   • Close all other programms and start delfix.
   • Please check all the boxes and run the tool.
   • delfix will now delete all found traces of our removal process
     

[*] If there is still something left please delete it manualy.

 

 

 

Recommendations: How to protect yourself

• System Updates
  Please ensure to have automatic updates activated in your control panel.
  For further information and a tutorial, see this Microsoft Support article.
• Protection
  What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
  Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
  
  • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
    It will filter unwanted advertising out of the website´s content.
  • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
    It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
    In addition, before accessing a dangerous classified web site, a warning screen is displayed.
    

  
  [*]Up to date Software
  Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
  

  • Secunia Personal Software Inspector - checks if your software has updates available.
  • SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software.
  • Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser.
    

  [*]Backup
  Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system. [*]Behaviour
  The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough.
  

  • While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware.
  • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything.
  • When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
    They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
    

  
  
  

[Dbriem]

Thank you!

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!