So I just downloaded this program yesterday and found a BUNCH of PUPs and a few other things. Got rid of the other ones but left the PUPs because I was unsure what to do. Here are the logs, starting with the DDS, then the Attach, and finally the MBAM log.
 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.51.2
Run by Administrator at 17:11:43 on 2014-03-16
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1918.231 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Ralink\Common\RaRegistry.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: mysearchdial Helper Object: {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - c:\program files\mysearchdial\1.8.29.0\bh\mysearchdial.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [AVG-Secure-Search-Update_0913a] c:\documents and settings\administrator\application data\avg 0913a campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 9ac9440c4af747d0856cd17921aa5bc1-b6cb7d43208050cf8f67550fcb269cd2fc580059 --CMPID 0913a
uRun: [sanDiskSecureAccess_Manager.exe] c:\documents and settings\administrator\application data\sandisk\SanDiskSecureAccess_Manager.exe
uRun: [spotify Web Helper] "c:\documents and settings\administrator\application data\spotify\data\SpotifyWebHelper.exe"
uRun: [Facebook Update] "c:\documents and settings\administrator\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [AdobeBridge] <no file>
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE -startup
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
dRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\administrator\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\18.0.0\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\dkcvtvhg.default\
FF - plugin: c:\documents and settings\administrator\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\tnt2\2.0.0.1378\npTNT2.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\tnt2\2.0.0.1378\npTNT2Ghost.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\17.3.0\npsitesafety.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_44.dll
FF - ExtSQL: 2014-02-10 10:24; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
.
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 149272]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-5-13 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 27448]
R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2012-8-31 13616]
R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2012-8-31 5632]
R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2012-8-31 13616]
R0 nvlegacy;nvlegacy;c:\windows\system32\drivers\nvlegacy.sys [2012-8-31 100736]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-8-1 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 210712]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 22808]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 193848]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-9-10 42784]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-1-22 3788816]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2013-1-2 54760]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-3-15 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-3-15 701512]
R2 RalinkRegistryWriter;RalinkRegistryWriter;c:\program files\ralink\common\RaRegistry.exe [2013-1-4 375872]
R2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\drivers\Scutum50.sys [2013-1-4 19072]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-1-4 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-1-4 1369624]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-11-14 5087584]
R2 vToolbarUpdater18.0.0;vToolbarUpdater18.0.0;c:\program files\common files\avg secure search\vtoolbarupdater\18.0.0\ToolbarUpdater.exe [2014-3-12 1759768]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-3-15 22856]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-1-4 168384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-1-2 1691480]
S3 Desura Install Service;Desura Install Service;c:\program files\common files\desura\desura_service.exe [2013-7-12 131912]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 RaMediaServer;RaMediaServer;c:\program files\ralink\common\RaMediaServer.exe [2013-1-4 621632]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2013-1-4 2240064]
.
=============== Created Last 30 ================
.
2014-03-15 22:51:17 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2014-03-15 22:51:00 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-03-15 22:50:58 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-15 22:50:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-03-15 22:22:32 -------- d-----w- c:\program files\Mega Browse
2014-03-15 22:21:46 -------- d-----w- c:\documents and settings\administrator\application data\mysearchdial
2014-03-15 22:21:44 -------- d-----w- c:\program files\Mysearchdial
2014-03-15 22:21:39 18776 ----a-w- c:\windows\system32\roboot.exe
2014-03-15 22:21:34 -------- d-----w- c:\documents and settings\administrator\application data\systweak
2014-03-15 21:43:47 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-14 12:04:19 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Skype
2014-03-13 02:40:56 -------- d-----w- c:\documents and settings\all users\application data\AVG Secure Search
2014-02-23 04:35:58 -------- d-----w- c:\program files\ASIO4ALL v2
2014-02-23 04:32:39 1431552 ----a-w- c:\windows\system32\rewire.dll
2014-02-23 04:32:39 -------- d-----w- c:\program files\VstPlugins
2014-02-23 04:32:18 -------- d-----w- c:\documents and settings\administrator\application data\Image-Line
2014-02-23 04:32:00 1554944 ----a-w- c:\windows\system32\vorbis.acm
2014-02-23 04:31:52 -------- d-----w- c:\program files\DSPRobotics
2014-02-23 04:31:52 -------- d-----w- c:\documents and settings\administrator\application data\FlowStone
2014-02-23 04:26:01 -------- d-----w- c:\program files\Image-Line
2014-02-15 05:38:45 -------- d-----w- c:\documents and settings\administrator\application data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-02-15 05:19:49 -------- d-----w- c:\documents and settings\all users\application data\regid.1986-12.com.adobe
.
==================== Find3M  ====================
.
2014-03-13 04:06:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-13 04:06:35 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-13 02:39:07 42784 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2014-02-24 11:46:36 920064 ----a-w- c:\windows\system32\wininet.dll
2014-02-24 11:45:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-24 11:45:57 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-24 11:45:42 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-24 10:54:21 385024 ----a-w- c:\windows\system32\html.iec
2014-02-07 02:01:37 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55:04 562688 ----a-w- c:\windows\system32\qedit.dll
2014-01-20 04:46:54 22808 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-01-04 03:13:05 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-12-19 05:10:01 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-19 04:46:50 145408 ----a-w- c:\windows\system32\javacpl.cpl
.
============= FINISH: 17:12:35.51 ===============

______________________________________________________________________________________________
 
 
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/2/2013 12:06:24 AM
System Uptime: 3/16/2014 2:58:08 PM (3 hours ago)
.
Motherboard: BIOSTAR Group |  | N61PC-M2S
Processor: AMD Athlon II X2 240 Processor | Socket AM2  | 2813/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 146.967 GiB free.
D: is CDROM (CDFS)
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_0781&PID_5575\200542560111CD11426E
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_0781&PID_5575\200542560111CD11426E
Service: USBSTOR
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 802.11n Wireless LAN Card
Device ID: PCI\VEN_1814&DEV_5362&SUBSYS_53621814&REV_00\4&72ACDAA&0&3020
Manufacturer: Ralink Technology, Corp.
Name: 802.11n Wireless LAN Card
PNP Device ID: PCI\VEN_1814&DEV_5362&SUBSYS_53621814&REV_00\4&72ACDAA&0&3020
Service: RT80x86
.
==== System Restore Points ===================
.
RP119: 12/17/2013 6:29:26 PM - System Checkpoint
RP120: 12/20/2013 2:00:39 AM - System Checkpoint
RP121: 12/22/2013 3:38:15 PM - System Checkpoint
RP122: 12/24/2013 11:22:04 PM - System Checkpoint
RP123: 12/28/2013 2:35:23 PM - System Checkpoint
RP124: 12/30/2013 4:34:56 PM - System Checkpoint
RP125: 12/31/2013 5:35:04 PM - System Checkpoint
RP126: 1/1/2014 9:32:44 PM - System Checkpoint
RP127: 1/3/2014 1:21:44 AM - System Checkpoint
RP128: 1/4/2014 2:25:34 AM - System Checkpoint
RP129: 1/9/2014 1:48:03 AM - System Checkpoint
RP130: 1/10/2014 2:15:11 AM - System Checkpoint
RP131: 1/11/2014 2:42:43 AM - System Checkpoint
RP132: 1/12/2014 3:14:38 AM - System Checkpoint
RP133: 1/13/2014 3:16:29 AM - System Checkpoint
RP134: 1/14/2014 4:30:29 AM - System Checkpoint
RP135: 1/15/2014 5:17:59 AM - System Checkpoint
RP136: 1/16/2014 5:22:01 AM - System Checkpoint
RP137: 1/17/2014 5:52:12 AM - System Checkpoint
RP138: 1/17/2014 4:38:59 PM - Installed Java 7 Update 51
RP139: 1/18/2014 3:00:19 AM - Software Distribution Service 3.0
RP140: 1/27/2014 8:11:26 PM - System Checkpoint
RP141: 1/28/2014 8:19:46 PM - System Checkpoint
RP142: 1/30/2014 8:05:14 AM - System Checkpoint
RP143: 2/9/2014 11:24:52 PM - System Checkpoint
RP144: 2/10/2014 11:26:42 PM - System Checkpoint
RP145: 2/12/2014 10:34:11 PM - System Checkpoint
RP146: 2/19/2014 11:40:02 PM - System Checkpoint
RP147: 2/21/2014 1:51:29 AM - System Checkpoint
RP148: 2/22/2014 9:26:37 PM - System Checkpoint
RP149: 2/25/2014 12:24:18 PM - System Checkpoint
RP150: 2/27/2014 11:35:11 PM - System Checkpoint
RP151: 3/12/2014 7:58:42 PM - Installed AVG 2014
RP152: 3/13/2014 3:00:19 AM - Software Distribution Service 3.0
RP153: 3/14/2014 7:57:55 PM - System Checkpoint
RP154: 3/15/2014 3:10:15 PM - Removed iTunes
RP155: 3/16/2014 3:17:54 PM - Removed puush
RP156: 3/16/2014 3:23:15 PM - Removed Facebook Video Calling 2.0.0.447
.
==== Installed Programs ======================
.
Ace of Spades
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Help Manager
Adobe Reader X (10.1.4)
AIM for Windows
Antichamber
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
AVG 2013
AVG 2014
AVG SafeGuard toolbar
Bonjour
Castle Story
CCleaner
Counter-Strike: Source
Day of Defeat: Source
Defraggler
Desura
Desura: Project Zomboid
Download Updater (AOL Inc.)
Dropbox
F.E.A.R.
FTL: Faster Than Light
Garry's Mod
GOM Player
Google Chrome
Google Update Helper
Gunpoint
Half-Life
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB954550-v5)
Installation Windows Live
Java 7 Update 17
Java 7 Update 51
Java Auto Updater
K-Lite Mega Codec Pack 9.2.0
Katawa Shoujo
League of Legends
Legend of Dungeon
Malwarebytes Anti-Malware version 1.75.0.1300
McPixel
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mortal Kombat Kollection
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP3 Parser (KB2758694)
My Game Long Name
Nero 8 Lite 8.3.6.0
Notepad++
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA SMBus Driver
OpenOffice.org 3.4.1
Paint.NET v3.5.11
PowerISO
Ralink RT2860 Wireless LAN Card
Realtek High Definition Audio Driver
Revo Uninstaller 1.94
SanDiskSecureAccess_Manager.exe
Scribblenauts Unlimited
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2925418)
Security Update for Windows Media Player (KB2803821-v2)
Security Update for Windows Media Player (KB2803821)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Segoe UI
Silo 2.2
Skype Click to Call
Skype™ 6.14
Spotify
Spybot - Search & Destroy
Starbound
Steam
System Requirements Lab CYRI
Team Fortress 2
TeamSpeak 3 Client
TeamViewer 8
The Binding of Isaac
The Elder Scrolls IV: Oblivion 
The Lord of the Rings Online™
The Lord of the Rings Online™ v03.08.00.8029
To the Moon
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Visual Studio 2012 x86 Redistributables
VLC media player 2.0.3
WebFldrs XP
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
Windows Live Communications Platform
Windows Live Contrôle parental
Windows Live ID Sign-in Assistant
Windows Live Messenger
WinRAR 4.20 (32-bit)
WorldPainter 1.7.1
XnView 1.99
Yahoo! Messenger
Zero Assumption Recovery Version 9
.
==== Event Viewer Messages From Past Week ========
.
3/16/2014 3:19:33 AM, error: Disk [11]  - The driver detected a controller error on \Device\Harddisk7\D.
3/15/2014 7:39:23 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  nvlegacy
3/15/2014 3:28:39 PM, error: Service Control Manager [7031]  - The Update Mega Browse service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
3/13/2014 5:03:42 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.
3/13/2014 5:03:42 PM, error: Service Control Manager [7000]  - The Spybot-S&D 2 Security Center Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 
______________________________________________________________________________________________
 
 
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.16.01
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: FUZZYFARM [administrator]
 
Protection: Enabled
 
3/16/2014 5:18:47 PM
MBAM-log-2014-03-16 (17-35-33).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240924
Time elapsed: 12 minute(s), 16 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 12
HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\Software\MozillaPlugins\@tnt2ghost.com/Plugin (PUP.Optional.TidyNetwork.A) -> No action taken.
HKCR\TypeLib\{ABB8A8A5-FF98-40F6-B573-5841B063EA37} (PUP.Optional.TidyNetwork.A) -> No action taken.
HKCR\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F} (PUP.Optional.TidyNetwork.A) -> No action taken.
HKCR\CLSID\{DD260902-9420-4055-A956-9152EB4F3E6A} (PUP.Optional.TidyNetwork.A) -> No action taken.
 
Registry Values Detected: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A2O0R1R1H2Z1S1G0H1F -> No action taken.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 9
C:\Documents and Settings\Administrator\Application Data\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Administrator\Application Data\mysearchdial\icons_2.18.2.0 (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.29.0 (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.29.0\bh (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378 (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\Profiles (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\Profiles\10285 (PUP.Optional.TidyNetwork.A) -> No action taken.
 
Files Detected: 53
C:\Program Files\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Administrator\My Documents\Downloads\AIM_Install.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Documents and Settings\Administrator\My Documents\Downloads\E-Force .exe (PUP.Optional.Installex) -> No action taken.
C:\Documents and Settings\Administrator\My Documents\Downloads\PowerISO5.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Documents and Settings\Administrator\My Documents\Downloads\Brennan Heart .exe (PUP.Optional.Installex) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Temp\is1275519350\1989521_stp\MegaBrowseSetup.exe (PUP.Optional.MegaBrowse.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\86PM6300\Setup[1].exe (PUP.Optional.MegaBrowse.A) -> No action taken.
C:\WINDOWS\system32\roboot.exe (PUP.Optional.PCPerformer.A) -> No action taken.
C:\Program Files\Mysearchdial\1.8.29.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\Autorun.inf (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\crx.tar (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\ffassist.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\GLOBALUNINSTALL.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\hmac.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\ie8starter.exe (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\iehpr.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\iestage2.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\IEToolbar.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\IEToolbar64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\INSTALL.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\LastSession.log (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\log.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\npTNT2.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\npTNT2Ghost.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\OldStyleSB.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\OSD958B.OSD (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\PARTNER.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\passport.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\passport64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\pinnedSearch.htm (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\pinnedSearch_FindWide.htm (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\progress.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\regsvr.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\RemoteSkin.wms (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\safari.safariextz (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\sqlite.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\Tnt2Cbt.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\TNT2User.exe (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\TNT2UserPS.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\TNT2UserPS64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\TntMagicDel.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\UNINSTALL.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\UninstallDlg.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\untar.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\UPDATE.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\xpi.tar (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\2.0.0.1378\zipunzip.1.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\Profiles\10285\icon.ico (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\Profiles\10285\inst.ini (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\Profiles\10285\PARTNER.2.TNT (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\Profiles\10285\passport.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\Profiles\10285\passport64.dll (PUP.Optional.TidyNetwork.A) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TNT2\Profiles\10285\runt.ini (PUP.Optional.TidyNetwork.A) -> No action taken.
 
(end)

 


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
