Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I was hacked in Zynga poker via Facebook ?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

I was hacked in Zynga poker via Facebook ?

Unread postby xristinakos » July 10th, 2012, 4:42 pm

hallo,

I have a stand alone pc at home, and I am facing problems with facebook security.
Last year I was hacked and they took my whole profile and in the end after sending my id to facebook they gave me back the profile.
Last 15 days somehow while I was playing zynga games via facebook, chips were vanishing from my account in front of my eyes in a flash. I suspected virus infection so I started scanning pc with avast first and viper afterwards. They found trojan WIN 32 REVETON-BR (TRJ) and JAVA CVE-2012-0507-KN(EXPLR) and win 32 generic BT. Also scanned with Emsisoft and Malwarebytes. After several deep scannings I was found clean, so I entered facebook, changed passwords, and followed all security steps for facebook and zynga games but it happened again (the loss of my chips). Furthermore since I connected my facebook account with my mobile phone, i receive sms with access codes either when I am already in my account and when I am not connected, or try to connect!
To mention that they stole my chips 3 times in 10 days - all these times I reported the loss to zynga and after following their security steps they were giving me back the chips because I was hacked - But no matter what I do the hacker stealls the cheaps again and again...
Please hepl me!!!!!!!!!!!!!!!!!!!!!!!!!!

here are the dds logs

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by christina at 20:51:01 on 2012-07-10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.753 [GMT 3:00]
.
AV: Sunbelt VIPRE *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Sunbelt VIPRE *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\svchost.exe -k hpdevmgmt
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\Program Files\Nero\Update\NASvc.exe
D:\WINDOWS\System32\svchost.exe -k HPZ12
D:\WINDOWS\System32\svchost.exe -k HPZ12
D:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
D:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe
D:\Program Files\Spyware Terminator\st_rsser.exe
D:\WINDOWS\system32\svchost.exe -k imgsvc
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
svchost.exe
D:\Program Files\Unlocker\UnlockerAssistant.exe
D:\Program Files\LClock\LClock.exe
D:\WINDOWS\Philips\SPC230NC\Monitor.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
D:\Program Files\uTorrent\uTorrent.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Skype\Phone\Skype.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.gr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.yahoo.gr/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - d:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - d:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - d:\program files\avg\avg2012\avgssie.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - d:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - d:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - d:\program files\avast software\avast\aswWebRepIE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] d:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [UnlockerAssistant] d:\program files\unlocker\UnlockerAssistant.exe -H
mRun: [LClock] d:\program files\lclock\LClock.exe
mRun: [NeroFilterCheck] d:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [SPC230NC_Monitor] d:\windows\philips\spc230nc\Monitor.exe
mRun: [SPC_Monitor] d:\windows\philips\spc230nc\Monitor.exe
mRun: [HP Software Update] d:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] d:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [nwiz] d:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE d:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE d:\windows\system32\NvCpl.dll,NvStartup
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [NWEReboot]
mRun: [SpywareTerminatorShield] d:\program files\spyware terminator\SpywareTerminatorShield.exe
mRun: [SpywareTerminatorUpdater] d:\program files\spyware terminator\SpywareTerminatorUpdate.exe
mRun: [Malwarebytes' Anti-Malware] "d:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [SBAMTray] "d:\program files\sunbelt software\vipre\SBAMTray.exe"
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - d:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - d:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - d:\program files\microsoft office\office10\OSA.EXE
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\traymi~1.lnk - d:\program files\philips\philips spc230nc webcam\TrayMin230.exe
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Free YouTube Download - d:\documents and settings\christina\application data\dvdvideosoftiehelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - d:\documents and settings\christina\application data\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - d:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{319C15C9-78B0-487D-8762-553F2C169502} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{319C15C9-78B0-487D-8762-553F2C169502} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{8293E5F7-044F-4CBD-A052-72523E411B3E} : NameServer = 8.26.56.26,156.154.70.22
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - d:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows\system32\wpdshserviceobj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\documents and settings\christina\application data\mozilla\firefox\profiles\drli55my.default\
FF - plugin: d:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: d:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R1 sbaphd;sbaphd;d:\windows\system32\drivers\sbaphd.sys [2012-7-9 21592]
R1 SbFw;SbFw;d:\windows\system32\drivers\SbFw.sys [2012-7-9 332248]
R1 SBRE;SBRE;d:\windows\system32\drivers\SBREDrv.sys [2011-8-29 101720]
R1 SbTis;SbTis;d:\windows\system32\drivers\sbtis.sys [2012-7-9 212568]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;d:\windows\system32\drivers\sp_rsdrv2.sys [2011-12-9 32768]
R2 MBAMService;MBAMService;d:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-8 654408]
R2 NAUpdate;@d:\program files\nero\update\nasvc.exe,-200;d:\program files\nero\update\NASvc.exe [2010-5-4 503080]
R2 SBAMSvc;VIPRE Antivirus Premium;d:\program files\sunbelt software\vipre\SBAMSvc.exe [2011-9-6 2804280]
R2 sbapifs;sbapifs;d:\windows\system32\drivers\sbapifs.sys [2012-7-9 74456]
R2 SBPIMSvc;SB Recovery Service;d:\program files\sunbelt software\vipre\SBPIMSvc.exe [2011-9-6 181584]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;d:\program files\spyware terminator\st_rsser.exe [2011-12-9 482992]
R3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2012-7-8 22344]
R3 PAEAFLT.sys;USB Composite Device;d:\windows\system32\drivers\PAEAFLT.sys [2011-5-29 8576]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;d:\windows\system32\drivers\SbFwIm.sys [2012-7-9 69208]
R3 SPC230NC;Philips SPC230NC Webcam;d:\windows\system32\drivers\SPC230NC.SYS [2011-5-29 461056]
S2 SkypeUpdate;Skype Updater;d:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;d:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-10 257696]
S3 MozillaMaintenance;Mozilla Maintenance Service;d:\program files\mozilla maintenance service\maintenanceservice.exe [2012-7-10 113120]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;d:\windows\system32\drivers\SbFwIm.sys [2012-7-9 69208]
S3 SbHips;sbhips;d:\windows\system32\drivers\sbhips.sys [2012-7-9 94040]
.
=============== Created Last 30 ================
.
2012-07-30 10:17:30 192512 ----a-w- d:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2012-07-30 10:17:29 729088 ----a-w- d:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2012-07-30 10:17:29 69715 ----a-w- d:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2012-07-30 10:17:29 5632 ----a-w- d:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2012-07-30 10:17:29 266240 ----a-w- d:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2012-07-30 10:17:19 188548 ----a-w- d:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2012-07-30 10:17:18 311428 ----a-w- d:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2012-07-09 02:48:40 111 ----a-w- d:\documents and settings\christina\application data\netstat.bat
2012-07-09 01:32:39 74456 ----a-w- d:\windows\system32\drivers\sbapifs.sys
2012-07-09 01:32:39 21592 ----a-w- d:\windows\system32\drivers\sbaphd.sys
2012-07-09 01:11:11 -------- d-----w- d:\documents and settings\christina\application data\Sunbelt
2012-07-09 01:11:11 -------- d-----w- d:\documents and settings\all users\application data\Sunbelt
2012-07-09 01:07:52 94040 ----a-w- d:\windows\system32\drivers\sbhips.sys
2012-07-09 01:07:51 212568 ----a-w- d:\windows\system32\drivers\sbtis.sys
2012-07-09 01:07:36 69208 ----a-w- d:\windows\system32\drivers\SbFwIm.sys
2012-07-09 01:07:36 332248 ----a-w- d:\windows\system32\drivers\SbFw.sys
2012-07-09 01:07:25 -------- d-----w- d:\program files\Sunbelt Software
2012-07-08 12:47:02 -------- d-----w- d:\documents and settings\christina\application data\Malwarebytes
2012-07-08 12:45:04 -------- d-----w- d:\documents and settings\all users\application data\Malwarebytes
2012-07-08 12:45:03 22344 ----a-w- d:\windows\system32\drivers\mbam.sys
2012-07-08 12:45:02 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2012-06-30 05:42:48 -------- d-----w- d:\documents and settings\christina\application data\OpenCandy
2012-06-30 05:40:49 -------- d-----w- d:\documents and settings\christina\application data\DVDVideoSoftIEHelpers
2012-06-30 05:35:26 405144 ----a-w- d:\windows\system32\Newtonsoft.Json.Net20.dll
2012-06-30 05:35:13 -------- d-----w- d:\program files\DVDVideoSoft
2012-06-30 05:35:13 -------- d-----w- d:\program files\common files\DVDVideoSoft
2012-06-29 18:37:39 57344 ----a-w- d:\windows\system32\C2aspi.dll
2012-06-29 18:37:39 18944 ----a-w- d:\windows\system32\asapi.dll
2012-06-29 18:37:39 1048576 ----a-w- d:\windows\system32\CDDBControl.dll
2012-06-29 18:37:38 8768 ----a-w- d:\windows\system32\drivers\Asapi.sys
2012-06-29 18:37:37 -------- d-----w- d:\windows\system32\Iosubsys
2012-06-29 18:37:37 -------- d-----w- d:\program files\Steinberg
2012-06-29 05:44:07 521728 ------w- d:\windows\system32\dllcache\jsdbgui.dll
2012-06-29 05:29:44 -------- d-----w- d:\windows\system32\wbem\repository\FS
2012-06-29 05:29:44 -------- d-----w- d:\windows\system32\wbem\Repository
2012-06-14 22:00:30 -------- d-----w- D:\Myst4_1
2012-06-13 06:58:26 -------- d-----w- d:\program files\MagicISO
.
==================== Find3M ====================
.
2012-06-02 12:19:44 22040 ----a-w- d:\windows\system32\wucltui.dll.mui
2012-06-02 12:19:38 219160 ----a-w- d:\windows\system32\wuaucpl.cpl
2012-06-02 12:19:38 15384 ----a-w- d:\windows\system32\wuaucpl.cpl.mui
2012-06-02 12:19:34 15384 ----a-w- d:\windows\system32\wuapi.dll.mui
2012-06-02 12:19:30 17944 ----a-w- d:\windows\system32\wuaueng.dll.mui
2012-06-02 12:18:58 275696 ----a-w- d:\windows\system32\mucltui.dll
2012-06-02 12:18:58 214256 ----a-w- d:\windows\system32\muweb.dll
2012-06-02 12:18:58 17136 ----a-w- d:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- d:\windows\system32\crypt32.dll
2012-05-29 22:57:04 127712 ----a-w- d:\windows\system\CardView.dll
2012-05-16 15:08:26 916992 ----a-w- d:\windows\system32\wininet.dll
2012-05-16 15:08:26 916992 ----a-w- d:\windows\system32\wininet(2)(2).dll
2012-05-15 13:20:33 1863168 ----a-w- d:\windows\system32\win32k.sys
2012-05-15 13:20:33 1863168 ----a-w- d:\windows\system32\win32k(2)(2).sys
2012-05-11 17:12:34 11111424 ----a-w- d:\windows\system32\ieframe(2)(2).dll
2012-05-11 14:42:33 43520 ------w- d:\windows\system32\licmgr10.dll
2012-05-11 14:42:33 2000384 ----a-w- d:\windows\system32\iertutil(2)(2).dll
2012-05-11 14:42:33 1469440 ------w- d:\windows\system32\inetcpl.cpl
2012-05-11 14:42:33 1212416 ----a-w- d:\windows\system32\urlmon(2)(2).dll
2012-05-11 14:42:33 105984 ----a-w- d:\windows\system32\url(2)(2).dll
2012-05-11 11:38:02 385024 ------w- d:\windows\system32\html.iec
2012-05-07 16:06:31 70304 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-07 16:06:31 419488 ----a-w- d:\windows\system32\FlashPlayerApp.exe
2012-05-04 13:16:13 2148352 ----a-w- d:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2026496 ----a-w- d:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ----a-w- d:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 20:53:11,25 ===============



.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 25/5/2011 9:50:57 µµ
System Uptime: 10/7/2012 10:45:01 pµ (10 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5N-MX
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2399/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 96,166 GiB free.
D: is FIXED (NTFS) - 298 GiB total, 257,747 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: avast! Firewall NDIS Filter Miniport
Device ID: ROOT\SW_ASWNDISMP\0000
Manufacturer: ALWIL Software
Name: avast! Firewall NDIS Filter Miniport
PNP Device ID: ROOT\SW_ASWNDISMP\0000
Service: aswNdis
.
==== System Restore Points ===================
.
RP211: 10/4/2012 10:01:25 µµ - Installed Windows Internet Explorer 8.
RP212: 10/4/2012 10:03:49 µµ - Software Distribution Service 3.0
RP213: 11/4/2012 8:16:10 µµ - Software Distribution Service 3.0
RP214: 12/4/2012 9:53:24 µµ - System Checkpoint
RP215: 14/4/2012 8:27:45 pµ - System Checkpoint
RP216: 15/4/2012 11:29:19 pµ - System Checkpoint
RP217: 18/4/2012 12:05:34 pµ - System Checkpoint
RP218: 19/4/2012 5:34:40 µµ - System Checkpoint
RP219: 20/4/2012 10:35:34 µµ - System Checkpoint
RP220: 23/4/2012 12:18:03 µµ - System Checkpoint
RP221: 24/4/2012 1:03:49 µµ - System Checkpoint
RP222: 26/4/2012 10:06:11 pµ - System Checkpoint
RP223: 27/4/2012 11:13:56 pµ - System Checkpoint
RP224: 30/4/2012 10:58:07 pµ - System Checkpoint
RP225: 1/5/2012 1:47:56 µµ - System Checkpoint
RP227: 2/5/2012 3:55:19 µµ - System Checkpoint
RP228: 7/5/2012 5:30:50 µµ - System Checkpoint
RP229: 8/5/2012 10:14:29 µµ - System Checkpoint
RP230: 9/5/2012 10:15:03 µµ - System Checkpoint
RP231: 10/5/2012 3:00:20 pµ - Software Distribution Service 3.0
RP232: 11/5/2012 1:08:35 µµ - System Checkpoint
RP233: 12/5/2012 6:18:15 µµ - System Checkpoint
RP234: 14/5/2012 11:38:38 pµ - System Checkpoint
RP235: 15/5/2012 11:41:12 pµ - System Checkpoint
RP237: 17/5/2012 10:39:15 pµ - System Checkpoint
RP239: 21/5/2012 6:09:19 µµ - System Checkpoint
RP240: 22/5/2012 6:16:22 µµ - System Checkpoint
RP241: 23/5/2012 8:50:37 pµ - Software Distribution Service 3.0
RP242: 24/5/2012 12:41:13 µµ - System Checkpoint
RP243: 25/5/2012 10:04:33 µµ - System Checkpoint
RP244: 28/5/2012 12:03:17 pµ - System Checkpoint
RP245: 29/5/2012 12:54:28 pµ - System Checkpoint
RP246: 30/5/2012 10:10:44 pµ - System Checkpoint
RP247: 31/5/2012 11:15:40 pµ - System Checkpoint
RP248: 1/6/2012 1:07:15 µµ - System Checkpoint
RP249: 4/6/2012 4:05:34 µµ - System Checkpoint
RP250: 5/6/2012 2:04:01 pµ - Software Distribution Service 3.0
RP251: 6/6/2012 11:08:35 pµ - System Checkpoint
RP252: 7/6/2012 1:51:20 µµ - System Checkpoint
RP253: 8/6/2012 2:12:41 µµ - System Checkpoint
RP254: 9/6/2012 3:43:30 µµ - System Checkpoint
RP255: 10/6/2012 3:52:28 µµ - System Checkpoint
RP256: 11/6/2012 9:37:49 µµ - System Checkpoint
RP257: 12/6/2012 1:17:20 pµ - Installed Myst IV - Revelation
RP258: 12/6/2012 12:10:52 µµ - Installed Myst IV - Revelation
RP259: 13/6/2012 9:44:53 µµ - System Checkpoint
RP260: 14/6/2012 7:58:19 pµ - Software Distribution Service 3.0
RP261: 14/6/2012 9:29:00 pµ - Restore Operation
RP262: 14/6/2012 10:14:48 pµ - Software Distribution Service 3.0
RP263: 14/6/2012 3:57:06 µµ - Software Distribution Service 3.0
RP264: 15/6/2012 12:43:24 pµ - Installed Myst IV - Revelation
RP265: 15/6/2012 12:59:40 pµ - Installed Myst IV - Revelation
RP266: 15/6/2012 1:14:36 pµ - Installed Myst IV - Revelation
RP267: 16/6/2012 11:49:29 pµ - System Checkpoint
RP268: 18/6/2012 11:10:29 pµ - System Checkpoint
RP269: 18/6/2012 11:17:20 µµ - Installed Myst IV - Revelation
RP270: 18/6/2012 11:38:14 µµ - Installed Myst IV - Revelation
RP271: 19/6/2012 2:04:48 pµ - Installed Myst IV - Revelation
RP272: 20/6/2012 12:50:49 µµ - System Checkpoint
RP273: 21/6/2012 9:26:44 µµ - System Checkpoint
RP274: 22/6/2012 2:27:13 µµ - Installed Myst IV - Revelation
RP275: 24/6/2012 11:03:15 µµ - System Checkpoint
RP276: 26/6/2012 3:38:07 µµ - Restore Operation
RP277: 28/6/2012 12:19:11 µµ - System Checkpoint
RP278: 29/6/2012 8:04:31 pµ - Restore Operation
RP279: 29/6/2012 11:16:59 µµ - Software Distribution Service 3.0
RP280: 30/7/2012 12:35:47 µµ - System Checkpoint
RP281: 30/7/2012 1:17:55 µµ - Installed Myst IV - Revelation
RP282: 30/7/2012 1:36:16 µµ - Installed Myst IV - Revelation
RP283: 2/7/2012 12:54:11 µµ - System Checkpoint
RP284: 7/7/2012 12:08:21 µµ - System Checkpoint
RP286: 9/7/2012 4:07:23 pµ - Installed VIPRE Antivirus Premium.
RP287: 9/7/2012 4:34:33 pµ - Removed Facebook Video Calling 1.2.0.159
RP288: 9/7/2012 4:37:01 pµ - Removed VIPRE Antivirus Premium.
RP289: 9/7/2012 1:10:05 µµ - Removed Java(TM) 6 Update 30
.
==== Installed Programs ======================
.
µTorrent
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 2.0
Adobe Reader 6.0.1
BufferChm
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Compatibility Pack for the 2007 Office system
Copy
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_03_F4200_ProductContext
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
eSupportQFolder
F4200
F4200_Help
Free Studio version 5.6.2.627
Google Chrome
Google Update Helper
GPBaseService
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 11.0
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
HP Imaging Device Functions 11.0
HP Photosmart Essential 2.5
HP Photosmart Essential 3.0
HP Smart Web Printing
HP Solution Center 11.0
HP Update
HPProductAssistant
HPSSupply
LClock
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 13.0.1 (x86 el)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Myst IV - Revelation
Nero 7 Essentials
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA nView Desktop Manager
PDFCreator
Philips Intelligent Agent
Philips SPC230NC Webcam
PSSWCORE
Realtek High Definition Audio Driver
Riven
Scan
Sean O'Connor's Windows Games
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Shop for HP Supplies
Skype™ 5.8
SmartWebPrinting
Software Update for Web Folders
SolutionCenter
Spyware Terminator 2012
Status
Toolbox
TrayApp
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB960763)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoToolkit01
VIPRE Antivirus Premium
Vista Drive Indicator!
VLC media player 1.1.9
WaveLab v3.03a
Webcam Video Viewer
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows XP Service Pack 3
WinRAR 4.01 (32-bit)
.
==== Event Viewer Messages From Past Week ========
.
9/7/2012 4:41:21 pµ, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
9/7/2012 3:57:58 pµ, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
9/7/2012 3:43:56 pµ, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
8/7/2012 2:15:01 pµ, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
7/7/2012 9:52:26 pµ, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
.
==== End Of File ===========================
xristinakos
Active Member
 
Posts: 3
Joined: July 9th, 2012, 6:07 pm
Advertisement
Register to Remove

Re: I was hacked in Zynga poker via Facebook ?

Unread postby askey127 » July 14th, 2012, 10:30 am

Hi xristinakos,
Is your Internet Provider named "Elvate" ?
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

µTorrent
Adobe Reader 6.0.1
Spyware Terminator 2012

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
----------------------------------------------------
Check your Connection Routing:
Go to Start, Run and type the command word cmd into the box. Hit <Enter>
A window will pop up. (Don't try to move the cursor in the window.)
Type the following (there is a space on either side of the double arrow in this line):
ipconfig/all >> d:\ip.txt
Hit <Enter>
Next, type exit, and hit the Enter key again.
The window will disappear.
-----------------------------------
Now go to Start, My Computer and double-click on D:\ drive.
Click View , Details in the top menu.
Find a file in the list named ip.txt
Double click it and you should see Notepad popup with a few lines of information in it.
Please Copy the contents and paste back in a reply here.
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Double click on the OTL icon to run it.
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so.
    When the scan starts, OTL may appear to be frozen while it runs. Please be patient.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
The Extras.txt file will only appear as a running Notepad document the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

So, we are looking for the answer to the Internet Provider question, the contents of d:\ip.txt, and the contents of the two logs from OTL.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: I was hacked in Zynga poker via Facebook ?

Unread postby askey127 » July 21st, 2012, 7:05 am

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 324 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware