Inactive A troubled PC indeed, frightening really

[Anthony Mandich]

I would really appreciate your assistance in solving this problem once and for all. My computer is as slow as a dead person. It's mind numblingly frustrating. Please enhance my existence by providing help. Thank you in advance.

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[Anthony Mandich]

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.15.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Anthony Mandich :: DD11KK81 [administrator]

Protection: Enabled

1/15/2013 12:57:58 PM
MBAM-log-2013-01-15 (15-22-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 264986
Time elapsed: 2 hour(s), 21 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 8
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> No action taken.
HKCU\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> No action taken.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> No action taken.
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> No action taken.

Registry Values Detected: 2
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 4c0bed552cf714f903a3e48abf5d91b3 -> No action taken.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:5555 -> No action taken.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\Documents and Settings\Anthony Mandich.DD11KK81\My Documents\Downloads\California_Drivers_Licence_PSD_Fonts_Templates_Photoshop_6_by_Adapterz.exe (PUP.Adware.Agent) -> No action taken.
C:\RECYCLER\S-1-5-21-860298848-515712437-2467674782-1006\Dc101.exe (Trojan.Dropper) -> No action taken.
C:\Documents and Settings\Anthony Mandich.DD11KK81\wgsdgsdgdsgsd(2).exe (Trojan.FakeMS) -> No action taken.
C:\Documents and Settings\Anthony Mandich.DD11KK81\Application Data\SYSTEM.exe (Trojan.Agent.Gen) -> No action taken.
C:\Documents and Settings\All Users\Application Data\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> No action taken.
C:\Documents and Settings\Anthony Mandich.DD11KK81\Application Data\data.dat (Stolen.Data) -> No action taken.
C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> No action taken.
C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\Anthony Mandich.DD11KK81\Start Menu\Programs\Startup\runctf.lnk (Trojan.Ransom.SUGen) -> No action taken.

(end)

 

[Anthony Mandich]

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Anthony Mandich at 13:56:34 on 2013-01-15
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files\NETGEAR\WG111T\wlan111t.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Anthony Mandich.DD11KK81\My Documents\Downloads\avast_free_antivirus_setup.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyServer = hxxp=127.0.0.1:5555
uProxyOverride = <local>;*.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
TB: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} -
EB: facemoods.com: {929801A8-4AEF-4D12-BE31-D85BF666452B} -
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [BuildBU] c:\dell\bldbubg.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [PrivitizeVPNInstaller] c:\documents and settings\anthony mandich.dd11kk81\local settings\application data\privitizevpninstaller\PrivitizeVPN_1.0.0.2_install_config.exe /S /delayInstall
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDriveAutoRun = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:149
mPolicies-Explorer: NoDriveAutoRun = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: picclub.com
Trusted Zone: pokerprosnetwork.com
Trusted Zone: ppnpoker.com
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1358284568734
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8D65F208-DB9A-46CB-9B92-DCBC1C417BF0} : DHCPNameServer = 209.18.47.61 209.18.47.62
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs=
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\anthony mandich.dd11kk81\application data\mozilla\firefox\profiles\ir5v5htz.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxp://websearch.shopathome.com?user_id={ed30dd2c-e211-409e-af24-d3d6e05c39e6}&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\google\google gears\firefox\lib\ff36\gears.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\program files\netratingsnetsight\netsight\meter2\ffaddon\components\nsgkff36_meter2.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll
FF - ExtSQL: 2012-12-07 05:57; torntv@torntv.com; c:\documents and settings\anthony mandich.dd11kk81\application data\mozilla\firefox\profiles\ir5v5htz.default\extensions\torntv@torntv.com.xpi
FF - ExtSQL: 2013-01-06 19:36; toolbar@shopathome.com; c:\documents and settings\anthony mandich.dd11kk81\application data\mozilla\firefox\profiles\ir5v5htz.default\extensions\toolbar@shopathome.com
FF - ExtSQL: 2013-01-12 03:22; {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}; c:\program files\mozilla firefox\extensions\{40D65E82-75AC-47CA-8A73-1CEDC2668EFF}
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R? androidusb;ADB Interface Driver
R? ATHFMWDL;NETGEAR WG111T Bootloader driver
R? BasicSeek Service;BasicSeek Service
R? bcm;WiMAX Network Adapter
R? bcmbusctr;WiMAX Bus Driver
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cm_net;C-motech USB Network Adapter Drivers
R? cm_ser;C-motech USB Serial Port2 Driver
R? FsUsbExDisk;FsUsbExDisk
R? hitmanpro35;Hitman Pro 3.5 Support Driver
R? Lbd;Lbd
R? McComponentHostService;McAfee Security Scan Component Host Service
R? NielGfx;Nielsen USB GFX
R? nielprt;Nielsen Patch Service
R? smhwdev;SmartPhone dummy USB PNP Device (Normal)
R? smhwser;USB Device for Legacy Serial Communication (Normal)
R? ssadbus;SAMSUNG Android USB Composite Device driver (WDM)
R? ssadmdfl;SAMSUNG Android USB Modem (Filter)
R? ssadmdm;SAMSUNG Android USB Modem Drivers
R? ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? DNINDIS5;DNINDIS5 NDIS Protocol Driver
S? IntuitUpdateServiceV4;Intuit Update Service v4
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? MBAMSwissArmy;MBAMSwissArmy
S? NTI BackupNowEZSvr;NTI BackupNowEZSvr
.
=============== Created Last 30 ================
.
2013-01-15 10:16:26 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-01-15 09:59:43 -------- d-----w- c:\documents and settings\anthony mandich.dd11kk81\application data\Malwarebytes
2013-01-15 09:57:26 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-01-15 09:56:46 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-15 09:56:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-15 08:25:16 -------- d-----w- c:\documents and settings\anthony mandich.dd11kk81\application data\FreeFixer
2013-01-15 08:25:15 -------- d-----w- c:\documents and settings\anthony mandich.dd11kk81\local settings\application data\FreeFixer
2013-01-15 08:25:02 -------- d-----w- c:\program files\FreeFixer
2013-01-14 09:57:59 -------- d-----w- c:\program files\common files\Steam
2013-01-14 09:57:52 -------- d-----w- c:\program files\Steam
2013-01-14 07:35:11 -------- d-----w- c:\documents and settings\all users\application data\McAfee Security Scan
2013-01-14 07:34:35 -------- d-----w- c:\program files\McAfee Security Scan
2013-01-13 10:32:29 -------- d-----w- c:\program files\Inkscape
2013-01-12 11:30:51 -------- d-----w- c:\documents and settings\anthony mandich.dd11kk81\local settings\application data\Conduit
2013-01-12 11:19:45 -------- d-----w- c:\program files\BasicSeek
2013-01-12 11:19:45 -------- d-----w- c:\documents and settings\all users\application data\BasicSeek
2012-12-23 05:37:50 -------- d-----w- c:\program files\Golden Euro Casino
2012-12-22 02:54:25 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-12-22 02:54:25 -------- d-----w- c:\windows\system32\wbem\Repository
2012-12-22 02:16:05 194936 ----a-w- c:\documents and settings\anthony mandich.dd11kk81\wgsdgsdgdsgsd(2).exe
2012-12-18 19:08:32 209112 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-12-18 19:08:32 209112 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-01-09 08:52:22 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 08:52:21 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-21 05:00:00 1768 ----a-w- c:\windows\fonts\PixelNumsT.otf
2012-12-21 05:00:00 1768 ----a-w- c:\windows\fonts\fonts\PixelNumsT.otf
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-09 05:37:30 464024 ----a-r- c:\windows\system32\cpnprt2win32.cid
2012-11-28 18:33:04 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-28 18:32:54 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-28 18:32:52 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-28 18:32:51 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec
2012-10-19 23:18:02 440704 ----a-w- c:\windows\CouponPrinter.ocx
.
============= FINISH: 14:14:26.21 ===============

 

[Anthony Mandich]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 1/10/2010 3:34:06 PM
System Uptime: 1/15/2013 12:51:09 PM (2 hours ago)
.
Motherboard: Dell Computer Corp. | | 0F5949
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop 7.0
Adobe Reader XI (11.0.01)
Angry Birds Seasons
AOLIcon
Apple Application Support
Apple Software Update
BasicSeek 1.0 build 111
Big Dollar Casino
Bonjour
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Crazy Luck Casino
Dell Driver Reset Tool
Dell Support 3.1
Dell System Restore
EPSON Printer Software
File Type Assistant
Final Media Player 2010
FreeFixer
Golden Euro Casino
Google Chrome
Google Earth Plug-in
Google Gears
Google Update Helper
Graboid Video 3.58
Graboid Video 3.58 Setup
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Inkscape 0.48.4
InstallVC90Support
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java 7 Update 9
Java Auto Updater
Java(TM) 6 Update 32
Java(TM) SE Runtime Environment 6 Update 1
Loco Panda Casino
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft IntelliPoint 7.0
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office XP Professional with FrontPage
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Modem Event Monitor
Modem Helper
Modem On Hold
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
NTI Backup Now EZ
Picasa 3
Poker Host
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
Segoe UI
Sportsbook.com
Steam
Treasure Mile Casino
TurboTax 2008
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 wcaiper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 wcaiper
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 wcaiper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TypingMaster Pro
UB
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
VirtualCom driver
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.1
VoiceOver Kit
WebFldrs XP
Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Wise Disk Cleaner 5.3
Wise Registry Cleaner Free 5.32
.
==== End Of File ===========================

 

[Broni]

Your MBAM log says "No action taken".
Re-run MBAM, fix all issues and post new log.

=============================

I don't see any AV program running.

Install ONE of these:

- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html

- free Microsoft Security Essentials: http://windows.microsoft.com/en-GB/windows/products/security-essentials
Note for Windows 8 users: Microsoft Security Essentials comes preinstalled and renamed as Windows Defender.
You can keep it or you have to disable it before installing another AV program. How to...

- free Comodo Antivirus: http://www.comodo.com/home/internet-security/antivirus.php

Update, run full scan, report on any findings.

=======================

Uninstall McAfee Security Scan, typical foistware.

======================

Uninstall Wise Registry Cleaner Free and FreeFixer.
Registry cleaners/optimizers are not recommended for several reasons:

• Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.
  
  The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  
• Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  
• Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  
• Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  
• The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.

• Ed Bott's Webog: Why I don't use registry cleaners
• Do I need a Registry Cleaner?