SWDUMon driver and system infection

Hello Ladies and Gents-

I'm working on my Mother's laptop to eradicate this infection for her. It's proven to be a real headache for me and a serious time sink. I've run MBAM, ADWcleaner, and malwarebytes anti rootkit many times, cleaned the history and deleted googiechrome. yet the infection continues to reestablish itself..

I know you wonderful people at Bleepingcomputer can help with this, you guys have helped me out before and taught me all I know about malware removal. But I'm obviously missing something on this one for my Mom's infection.

I'll include the notes from FRST scan that i've run.

Thank you guys in advance for your help, your group of people here at bleep are one of the best things going on in cyberspace.

thank you-

Sean

please let me know if any more info is needed to get started at rooting this thing out.

can I get someone to help me out with this, please? I don't know why all these other threads are getting help and mine is going neglected. if more info is required, i'm here waiting to post whatever is needed.

Thanks

Hello seanmeals and welcome to BleepingComputer!          

My name is Sirawit and I'm here to help you.

If I don't reply after 2 days, feel free to PM me.         

==========================================================================

Some points for you to keep in mind:

• Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
• We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
• Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
• Do not attach logs or use code boxes, just copy and paste the text.
• Periodically update me on the condition of your computer, and provide detail in every post.
• In the upper right-hand corner of the topic, you will see the "Follow this topic" button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
• If you do not reply to your topic after 3 days I will bump the topic, if you didn't reply in next 3 days we assume it has been abandoned and I will close it.
• Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
• Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================

Could you please state your problem more clearly? What seems to be the problem with this computer? I need this information in order to create an effective fix for your computer.

Also, please keep in mind that constantly bumping your topic will make your topic go back into the waiting queue and not making anything faster.

Thank you.

We need some practical advise on the steps to remove this self reinstalling infection

Hi seanmeals.

WildTangent Program Warning

Wild Tangent is a video game software company specializing in online games. It has even made a partnership with AOL to include itself as part of the AOL Instant Messenger for their AIM games section. The WildTangent Web Driver is their technology that allows you to play 3D games over the Internet. Although it's not technically considered spyware it does have built in components to update itself and gather information about the computer system including:

• Operating System Version
• CPU Type and Speed
• Memory Amount
• Video Card type and Driver Version
• Sound Card type and Driver Version
• DirectX Version
• Location that the Web Driver was installed from

For that reason, I would suggest you uninstalled it via add/remove.

Reboot after the uninstallation.<- Important.

---------------------

We need to remove programs using "Programs and Features"

Open Computer and click on the "Computer" tab, then click on Uninstall or Change a Program.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking the below entries and selecting "Remove":

AVG Driver Updater

AVG PC TuneUp

WildTangent Games

Additional instructions can be found here if needed.

------------------

We need to run a fix with FRST:

• Please download the attached fixlist.txt file and save it to the same location as FRST
  Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
  NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
   fixlist.txt   263bytes   1 downloads
• Run FRST.exe/FRST64.exe and press the Fix button just once and wait
• If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
• When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

==========

How's your computer running?

After the fix has been completed, please create a new set of FRST log files (FRST.txt and Addition.txt) for me.

Thank you.

Hi seanmeals.

Are you still there?