Open Office, and Microsoft Visual Studio hack

Post by dragon32078 » January 4th, 2011, 7:52 pm

Dear Hijack This moderator,

--------------------------------Beginning of Hijack This Log---------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:53 PM, on 1/4/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\DriverUpdate\DriverUpdate.exe
C:\Program Files\Trillian\trillian.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EPSON Stylus CX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE /P26 "EPSON Stylus CX4200 Series" /O6 "USB001" /M "Stylus CX4200"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DriverUpdate] "C:\Program Files\DriverUpdate\DriverUpdate.exe" -boot
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89C30F0F8BD011D2.dll/cmsidewiki.html
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se8942.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7239852750
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AVSETUP_4a285aa0\basic\avupgsvc.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Unknown owner - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (file missing)
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (file missing)
O23 - Service: SQL Server VSS Writer (SQLWriter) - Unknown owner - c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)

--
End of file - 7513 bytes
---------------------------------Ending of Hijack This Log File------------------------------------------------------------------

--------------------------------Beginning of Uninstall List File------------------------------------------------------------------
7-Zip 4.65
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Creative Suite
Adobe Download Manager
Adobe Flash Player 10 Plugin
ATI Catalyst Control Center
ATI Display Driver
Autodesk DirectConnect 2.0
CCleaner
ClamWin Free Antivirus 0.96.5.0
Critical Update for Windows Media Player 11 (KB959772)
Crystal Reports Basic for Visual Studio 2008
DriveImage XML (Private Edition)
DriverUpdate
EPSON Printer Software
EPSON Scan
Fraps
FreeRIP v3.1
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Help and Support
HP Notebook Accessories Product Tour
HP Quick Launch Buttons 6.00 H1
HP User Guides 0013
HP Wireless Assistant 2.00 E1
ImgBurn
Intel(R) Thread Profiler 3.1
Intel(R) VTune(TM) Performance Analyzer
InterVideo WinDVD
iTunes
Java(TM) 6 Update 22
JBuilder 2008 R2
Logitech Vid
Logitech Webcam Software
Logitech Webcam Software Driver Package
Malwarebytes' Anti-Malware
Maya 2008
Maya 2008 Documentation (en_US)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Chart Controls for Microsoft .NET Framework 3.5
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Device Emulator version 3.0 - ENU
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007
Microsoft Office Project Professional 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Small Business Connectivity Components
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio 2007 Service Pack 2 (SP2)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Compact 3.5 Design Tools ENU
Microsoft SQL Server Compact 3.5 ENU
Microsoft SQL Server Compact 3.5 for Devices ENU
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio Web Authoring Component
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
Microsoft Windows SDK for Visual Studio 2008 Tools
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
Mozilla Firefox (3.6.13)
MSDN Library for Visual Studio 2005
MSDN Library for Visual Studio 2005
MSDN Library for Visual Studio 2008 - ENU
MSDN Library for Visual Studio 2008 - ENU
MSXML 6.0 Parser
OGA Notifier 2.0.0048.0
Ogg Converter
Only Astrology
OpenOffice.org 3.2
Pando Media Booster
PDF-Viewer
PopCap Browser Plugin
QuickTime
RenderMonkey 1.81
Scurvy Final
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio 2007 (KB982127)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sentinel System Driver
Skype™ 4.1
Sound Effects
SoundMAX
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
Trillian
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime
VP Suite 4.0
VUE 2.3.1
Windows Internet Explorer 8
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Mobile 5.0 SDK R2 for Pocket PC
Windows Mobile 5.0 SDK R2 for Smartphone
Windows XP Service Pack 3
WorldWinner Games
XPS Annotator 1.21
Youtube Splitter and Uploader 1.0

--------------------------------Ending of Uninstall List File------------------------------------------------------------------

----------------------------------Beginning of Description --------------------------------------------------------------------
I am currently having difficulty using several software suites. One of these suites is Microsoft Visual Studio 2008. The second and final suite is OpenOffice.org. Whenever I try to use the Microsoft Visual Studio 2008 shortcut, or even the target of the shortcut, I am given this error message:
Title: devenv.exe - Application Error
Subject: The application failed to initialize properly (0xc0000034). Click on OK to terminate the application.

The error for OpenOffice.org is subtly different, but still worthy of notice:
Title: sbase.exe - Application Error
Subject: The application failed to initialize properly (0xc0000034). Click on OK to terminate the application.

I have tried to diagnose the problem by executing the following steps. Firstly, I have clicked on the shortcuts for all the pieces of software included in these two suites. Secondly, I tried executing the original executable. In the case of OpenOffice.org there are 10 executables included in this suite. Please note that the only difference in the error message is the title, which doubles as the name of the executable. Thirdly, I have even uninstalled and then reinstalled the OpenOffice suite; this fixed the problem of receiving the error message. Unfortunately, this solution was only a temporary fix. After rebooting my laptop the error message returned.
Plus, I must notify you of some of the steps that were put into play before I even started experiencing these problems. I have used several different pieces of freeware designed to eliminate viruses and spyware, which I will now call malware removers and malware protection. Please note that I have not installed any programs that I would call cracked versions, because the software installed on this computer was either installed via 'hard or soft' copy. I use the term hard copy to mean I own the CD-ROM and license. Soft copy means someone else owns the right to the software. In the case of my versions of "Malwarebytes' Anti-Malware" and "ClamWin", I had these installed on my computer by a computer technician, who shall remain nameless for now. Just know that the technician was paid as a birthday gift to me.
In regards to malware removal, I had a technician specifically recommend running "Malwarebytes' Anti-Malware". In order to effectively use this software, I must follow three steps. The first step is updating the software. Then I should start my computer in "Safe-mode". Finally, I should use the software. Ideally these three steps should be executed weekly. I have failed to follow these steps rigidly, which is probably why my computer has been maliciously hacked. Please note that I may have discovered a bug with this software, independent of the bug in this user, which I will explain after the following paragraph.
In regards to malware protection, a technician recommended using "ClamWin Antivirus". He told me this software is pretty much useless at removing malware, but good at preventing the malware from being installed on my computer. This software offers real-time protection from malware. My hunch is that this software has been hacked, too. I believe this to be the case, because on Sunday, when I was running my computer in "Safe-mode, with networking commands", I noticed that the programs were running slowly. Shortly afterwards, I saw in the bottom right corner of my screen a pop-up window saying "Clam Win is installing updates". After 20 seconds, I then saw another window saying "Clam win is installing updates". I then pressed ctrl-alt-delete, and I noticed 4 instances of processes with the name "ClamWin.exe". Every time that I saw the installing update pop-up, there was another image running. Finally, I killed all the processes, and shut down the "ClamTray.exe". This effectively prevented the program from updating, and notified me that there is at least one bug included in the ClamWin executable.
After I discovered the bug in ClamWin, I may have discovered a bug in the "Malwarebytes Anti-Malware" program, which I will try to accurately portray now. Firstly, I updated this program. This step was successfully completed, because I enabled network commands. If I am in safe-mode with networking commands, can a technician remotely use my computer? If your answer is yes, then this may be a bug contained in Windows XP's code. The reason I asked this question may become evident shortly.
After updating, I then ran a quick scan. The scan notified me of a registry hack. I told Malwarebytes to fix the problem. Immediately after pressing the button "Fix...", my computer rebooted. Unfortunately, this concludes the program's bug, and initiates my own. One, I should have written down the name of the registry error. Two, I should have read the full screen, and noted whether fixing the bug would force my computer to restart. Third, I should have tried to get a screen-capture of the 'Bug Window' for the purposes of archival.
-----------------------------------Ending of Description -----------------------------------------------------------------------
dragon32078
Active Member
 
Posts: 13
Joined: December 21st, 2010, 8:18 pm

Re: Open Office, and Microsoft Visual Studio hack

Post by askey127 » January 8th, 2011, 11:40 am

Hi dragon32078,
You have not been getting the best Security advice here.
Please do not scan, remove, or install anything while we are working on the machine, unless I ask.
I would suggest as little surfing as possible until Antivir is installed.

When we are through cleaning the machine here, if you do not want to keep Antivir, you can uninstall it and Install Microsoft Security Essentials.
-----------------------------------------------
Download Antivir Free
This program is free for personal, non-business use.
Download AntiVir Free from here : http://www.softpedia.com/get/Antivirus/AntiVir-Personal-Edition.shtml
Save the Installer to your desktop, but don't run it yet.
----------------------------------------------
You can download the free version of Revo Uninstaller from here: http://www.revouninstaller.com/revo_uni ... nload.html
I would attempt to use it to Uninstall the following programs.
Pando is a buggy piece of software which is often downloaded without the User's permission.
It frequently comes with video download requests, and one of its bugs is it doesn't Uninstall Properly.
So we can use Revo to Uninstall each of the following:
Pando Media Booster
ClamWin Free Antivirus 0.96.5.0
PopCap Browser Plugin

-----------------------------------------------------------
REBOOT (RESTART) Your Machine
-----------------------------------------------
Install Antivir
Double Click the Avira Antivir Installer on your desktop, and Install the program.
-----------------------------------------------
Update and Scan with Antivir
Right click the red umbrella icon and choose Start Antivir.
When the window comes up click Start Update.
When the update is complete, click on Scan System Now.
This full scan could take an hour or more. Have it fix anything it finds.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir.
In the left pane, click Overview, then click Reports.
There will be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan.
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.

askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Open Office, and Microsoft Visual Studio hack

Unread postby dragon32078 » January 10th, 2011, 11:34 pm

I have already completed one of the steps, and downloaded AVG. I am hoping you are more familiar with this product, than I am, because I have failed to use it appropriately in the past. I will gladly let you know when I am done following all of your instructions.

Thank you,

Kevin
dragon32078
Active Member
 
Posts: 13
Joined: December 21st, 2010, 8:18 pm

Re: Open Office, and Microsoft Visual Studio hack

Unread postby askey127 » January 11th, 2011, 8:30 am

"I have already completed one of the steps, and downloaded AVG."

NO !! Either your statement or your action is incorrect !

Please DO NOT CONFUSE AVG WITH Avira Antivir.
I want you to download the installer for Avira Antivir. It's a different program.
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Open Office, and Microsoft Visual Studio hack

Unread postby dragon32078 » January 11th, 2011, 9:42 pm

The link you posted led me to AVG. I will try to download the proper software, but it seems like you sent me the wrong link.
dragon32078
Active Member
 
Posts: 13
Joined: December 21st, 2010, 8:18 pm

Re: Open Office, and Microsoft Visual Studio hack

Unread postby dragon32078 » January 11th, 2011, 11:26 pm

I gave up on trying the link that you posted, and instead downloaded Avira Anti-Virus from downloads.com. I then proceeded to follow your other directions and here are the contents of the report file:



Avira AntiVir Personal
Report file date: Tuesday, January 11, 2011 18:14

Scanning for 2360189 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : Administrator
Computer name : CLOUD


Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Tuesday, January 11, 2011 18:14

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'MsiExec.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'avgmfapx.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'avgidsmonitor.exe' - '1' Module(s) have been scanned
Scan process 'avgcsrvx.exe' - '1' Module(s) have been scanned
Scan process 'avgnsx.exe' - '1' Module(s) have been scanned
Scan process 'avgchsvx.exe' - '1' Module(s) have been scanned
Scan process 'avgcsrvx.exe' - '1' Module(s) have been scanned
Scan process 'avgrsx.exe' - '1' Module(s) have been scanned
Scan process 'plugin-container.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'mqtgsvc.exe' - '1' Module(s) have been scanned
Scan process 'WMPNetwk.exe' - '1' Module(s) have been scanned
Scan process 'mqsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'msdtc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'trillian.exe' - '1' Module(s) have been scanned
Scan process 'DriverUpdate.exe' - '1' Module(s) have been scanned
Scan process 'WMPNSCFG.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'E_FATIAEA.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'SCardSvr.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '1734' files ).



End of the scan: Tuesday, January 11, 2011 18:16
Used time: 02:00 Minute(s)

The scan has been done completely.

0 Scanned directories
2220 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2220 Files not concerned
5 Archives were scanned
0 Warnings
0 Notes
dragon32078
Active Member
 
Posts: 13
Joined: December 21st, 2010, 8:18 pm
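
Added example (not part of the thread and not Avira's own tooling): a small Python triage script that reads an Avira report in the format posted above and lists reasons a "0 found" result may not cover the whole system, such as a short post-install job, rootkit search off, no directories scanned, or a run far shorter than the hour or more a full scan was expected to take. The function names and the `min_full_scan_seconds` threshold are assumptions made for this example.

```python
import re

# Constructed sample: the lines these checks read, in the layout of the report
# posted above, with values taken from that report.
SAMPLE_REPORT = """\
Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Primary action......................: interactive
Scan master boot sector.............: on
Scan registry.......................: on
Search for rootkits.................: off
Scan all files......................: Intelligent file selection

Start of the scan: Tuesday, January 11, 2011 18:14
End of the scan: Tuesday, January 11, 2011 18:16
Used time: 02:00 Minute(s)

0 Scanned directories
2220 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files cannot be scanned
0 Warnings
"""

# "Key.........: value" configuration lines (dotted leader before the colon).
SETTING_RE = re.compile(r"^(?P<key>[^.:][^:]*?)\.{2,}: (?P<value>.*)$")
# "<number> <label>" lines in the closing statistics block.
COUNT_RE = re.compile(r"^(?P<n>\d+) (?P<label>[A-Za-z].*)$")
# Only the "MM:SS Minute(s)" form that appears in the posted report is handled.
USED_RE = re.compile(r"^Used time: (?P<mm>\d+):(?P<ss>\d+) Minute")


def parse_report(text):
    """Return the scan settings, statistics and duration found in a report."""
    settings, counts, used_seconds = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if m := USED_RE.match(line):
            used_seconds = int(m["mm"]) * 60 + int(m["ss"])
        elif m := SETTING_RE.match(line):
            settings[m["key"].strip().lower()] = m["value"].strip()
        elif m := COUNT_RE.match(line):
            counts[m["label"].strip().lower()] = int(m["n"])
    return {"settings": settings, "counts": counts, "used_seconds": used_seconds}


def coverage_findings(report, min_full_scan_seconds=600):
    """Reasons a 'nothing found' result does not cover the whole system.

    min_full_scan_seconds is an assumed threshold, not an Avira value.
    """
    settings, counts = report["settings"], report["counts"]
    findings = []
    job = settings.get("jobname", "")
    if "short" in job.lower():
        findings.append(f"job '{job}' is a short scan, not a full system scan")
    if settings.get("search for rootkits", "").lower() == "off":
        findings.append("rootkit search was switched off")
    if counts.get("scanned directories") == 0:
        findings.append("0 directories were scanned")
    secs = report["used_seconds"]
    if secs is not None and secs < min_full_scan_seconds:
        findings.append(f"scan ran for only {secs} s")
    return findings


def verdict(report):
    """'detections', 'inconclusive' (clean but with coverage gaps) or 'clean'."""
    found = report["counts"].get("viruses and/or unwanted programs were found", 0)
    if found > 0:
        return "detections"
    return "inconclusive" if coverage_findings(report) else "clean"


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_REPORT)
    print("verdict:", verdict(parsed))
    for finding in coverage_findings(parsed):
        print(" -", finding)
```
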

Re: Open Office, and Microsoft Visual Studio hack

Unread postby askey127 » January 12th, 2011, 10:34 am

dragon32078,
You must be getting some redirects. Let's check for a common rootkit first.
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista - W7 users: Right-click and select "Run As Administrator".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory. (usually Local Disk C:).
  6. Copy and paste the contents of that file in your next reply.
If, for some reason, you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.

askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Open Office, and Microsoft Visual Studio hack

Unread postby dragon32078 » January 13th, 2011, 5:06 pm

Dear Askey,

There were no viruses found. Here is the logfile:

2011/01/13 13:02:37.0921 TDSS rootkit removing tool 2.4.13.0 Jan 12 2011 09:51:11
2011/01/13 13:02:37.0921 ================================================================================
2011/01/13 13:02:37.0921 SystemInfo:
2011/01/13 13:02:37.0921
2011/01/13 13:02:37.0921 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/13 13:02:37.0921 Product type: Workstation
2011/01/13 13:02:37.0921 ComputerName: CLOUD
2011/01/13 13:02:37.0921 UserName: Administrator
2011/01/13 13:02:37.0921 Windows directory: C:\WINDOWS
2011/01/13 13:02:37.0921 System windows directory: C:\WINDOWS
2011/01/13 13:02:37.0921 Processor architecture: Intel x86
2011/01/13 13:02:37.0921 Number of processors: 2
2011/01/13 13:02:37.0921 Page size: 0x1000
2011/01/13 13:02:37.0921 Boot type: Normal boot
2011/01/13 13:02:37.0921 ================================================================================
2011/01/13 13:02:38.0265 Initialize success
2011/01/13 13:02:55.0140 ================================================================================
2011/01/13 13:02:55.0140 Scan started
2011/01/13 13:02:55.0140 Mode: Manual;
2011/01/13 13:02:55.0140 ================================================================================
2011/01/13 13:03:16.0234 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/01/13 13:03:16.0296 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/01/13 13:03:16.0406 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/01/13 13:03:16.0531 ================================================================================
2011/01/13 13:03:16.0531 Scan finished
2011/01/13 13:03:16.0531 ================================================================================

Thank you for aiding me in my quest of vanquishing this nasty virus.

Sincerely,

Kevin
dragon32078
Active Member
 
Posts: 13
Joined: December 21st, 2010, 8:18 pm

Re: Open Office, and Microsoft Visual Studio hack

Post by askey127 » January 14th, 2011, 7:39 am

dragon32078,
It is not clear that a "virus" is involved in this.
---------------------------------------------
Run CKScanner
Download CKScanner from HERE
Important - Save it to your desktop.
Double-click CKScanner.exe and click Search For Files.
After a couple minutes or less, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
-----------------------------------------------------------
Download and Run a Diagnostic Tool (MGADiag.exe) from here and save this to your desktop.
http://go.microsoft.com/fwlink/?linkid=56062
* Double-click on MGADiag.exe
* When the program has finished, click on the Validation tab and then click on Copy to Clipboard.
* Please post the results in your next reply.
---------------------------------------------
Run a Scan with OTL
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, in the Standard Registry box, click All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location
      as OTL (should be on your desktop).
    • Make sure Notepad's Format, Wordwrap is unchecked.
    • Please copy the contents of each of these files, one at a time, and post them in your next reply.
  • Use separate replies if you wish.

So we will be looking for the log from CKScanner, the results from MGADiag, and the two logs from OTL.
Use separate replies if you prefer.
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Open Office, and Microsoft Visual Studio hack

Post by dragon32078 » January 15th, 2011, 5:18 pm

Dear Askey,

I vaguely consider myself a computer technician, so I am surprised that a rootkit is not considered a virus. What category do rootkits fall under? Is it correct to assume that malware and viruses subsume the category of things which negatively disrupt the flow of a computer? Obviously hardware malfunctions should be included in this category, so I suppose that three things fall under the category of things which negatively disrupt the flow of a computer, correct?

Anyways, I am sorry for my rambling. Here are the results of running the first scan (CKScan log):

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\maya2k9_crack.rar
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\crack\aw.dat
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\crack\awkeygen.exe
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\crack\install.txt
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\crack\lma01052
c:\documents and settings\administrator\my documents\maya 2008\awkeygen.exe
c:\documents and settings\administrator\my documents\maya 2008\maya2008_keygen.rar
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v2008_win64.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0_win64.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_v8.5.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_v8.5_x64.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0-xforce\file_id.diz
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0-xforce\x-force.nfo
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0-xforce\crack\install.txt
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\file_id.diz
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend.nfo
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend\aw.dat
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend\install.txt
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend\keygen.exe
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend\lmgr326b.dll
c:\flexlm\awkeygen.exe
c:\program files\amd\rendermonkey 1.81\examples\media\models\crackedquad.3ds
c:\program files\autodesk\maya2008\brushes\fun\cracks.mel
c:\program files\autodesk\maya2008\brushes\fun\cracks.mel.icon
c:\program files\autodesk\maya2008\docs\maya2008\en_us\tutorials\polygon_texturing_lesson_1_creating_a_cracker_box_model.html
c:\program files\autodesk\maya2008\scripts\others\crackshatter.mel
scanner sequence 3.ZZ.11
----- EOF -----


Thank you,

Kevin

Re: Open Office, and Microsoft Visual Studio hack

Post by dragon32078 » January 15th, 2011, 5:24 pm

Dear Askey,

Here are the results of the Microsoft Genuine Advantage Diagnostic Tool, which were surprising to say the least. It claims, "Validation Control not Installed", which is weird because I am sure that at some point in time it was installed. I am uncertain if it is not installed as a result of the efforts of a malicious hacker, or if I uninstalled it myself by formatting the hard drive. Either way, I am sure you want the results of the copied file:

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Validation Control not Installed
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-2MDY9-F6J9M-K42BQ
Windows Product Key Hash: jY+nlE0RT38EEXpeUqSdQPABSQc=
Windows Product ID: 76487-OEM-2211906-00101
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {7288C3AB-D86C-44D2-A297-E51C3B93BC9D}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: Validation Control not Installed

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: No
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Project Professional 2003 - 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
Microsoft Office Visio Professional 2007 - 100 Genuine
Microsoft Office Professional 2007 - 100 Genuine
Microsoft Office Project Professional 2003 - 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
Microsoft Office Visio Professional 2007 - 100 Genuine
Microsoft Office Professional 2007 - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-230-1_B4D0AA8B-920-80070057

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: A5CC:Compaq Computer Corporation|13BE9:Compaq Computer Corporation|1FFEA:Compaq Computer Corporation|13B8F:Compaq Computer Corporation|13B8F:Compaq Computer Corporation|1FFEA:Hewlett-Packard Company|13B8F:Hewlett-Packard Company
Marker string from OEMBIOS.DAT: Compaq,Hewlett,Hewlett,Compaq

OEM Activation 2.0 Data-->
N/A

Sincerely,

Kevin

Re: Open Office, and Microsoft Visual Studio hack

Post by askey127 » January 16th, 2011, 8:42 am

dragon32078,
A rootkit is a particular type of infection. You don't appear to have a rootkit.

Warez, Keygens, Cracks etc.
This is the likely reason your computer is infected. Visiting crack sites/warez sites - and other questionable/illegal sites is always a risk. Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, System Restore etc.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

As the log(s) you've posted indicate, you've used one or more of the above (autodesk.maya), and we will not provide you with any help unless they are removed.
May I draw your attention to the forum rules on the Use of "cracked" programs.

If you wish to continue:
------------------------------------------------------------------------
Please remove all forms of illegal software from your computer before we continue.
Please reply with a fresh CKScanner log after removing the items.

Go to the Microsoft Diagnostics Site
Be sure to use Internet Explorer for this (not Firefox).
It's HERE
Click "Start Diagnostics" button. If it shows some items failed, follow the steps to fix it, and click "Try Again".

Then please visit this website using Internet Explorer.
Follow the instructions to Validate Windows, then run MGADiag.exe again and post the new log in your next reply.

askey127

Re: Open Office, and Microsoft Visual Studio hack

Post by dragon32078 » January 19th, 2011, 1:55 am

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\maya2k9_crack.rar
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\crack\aw.dat
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\crack\awkeygen.exe
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\crack\install.txt
c:\documents and settings\administrator\my documents\autodesk.maya.unlimited.v2009-iso\crack\lma01052
c:\documents and settings\administrator\my documents\maya 2008\awkeygen.exe
c:\documents and settings\administrator\my documents\maya 2008\maya2008_keygen.rar
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v2008_win64.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0_win64.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_v8.5.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_v8.5_x64.zip
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0-xforce\file_id.diz
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0-xforce\x-force.nfo
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.0-xforce\crack\install.txt
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\file_id.diz
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend.nfo
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend\aw.dat
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend\install.txt
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend\keygen.exe
c:\documents and settings\administrator\my documents\maya keygen windows\autodesk_maya_unlimited_v8.5_sp1-lnd\legend\lmgr326b.dll
c:\flexlm\awkeygen.exe
c:\program files\amd\rendermonkey 1.81\examples\media\models\crackedquad.3ds
c:\program files\autodesk\maya2008\docs\maya2008\en_us\tutorials\polygon_texturing_lesson_1_creating_a_cracker_box_model.html
scanner sequence 3.ZZ.11
----- EOF -----

Re: Open Office, and Microsoft Visual Studio hack

Post by askey127 » January 19th, 2011, 9:19 am

Our policy on the use of cracked programs is here: viewtopic.php?p=491395#p491395

Since it appears you are continuing to use keygens and cracked programs, this topic will be closed.