Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Contracted iLivid and other malware

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Contracted iLivid and other malware

Unread postby EnglishSettlement » October 14th, 2012, 5:30 pm

Your help is greatly appreciated. Trying to do a movie project, my child unwittingly downloaded iLivid together with several other malware items on 2012-10-12. First symptoms were the "Play or Download(?)" buttons at the bottom of webpages, the iLivid logo, the strange search bar when a new browser window was opened, and the white box block-out of search results from yahoo or bing. Despite that, Norton and Microsoft's Security Essentials did not detect any virus/problem. I started reading posts here and elsewhere, and learned of it and its constantly changing nature, which might explain why some of the file names differ from previous posts. I've tried several things to remove them, using Appwiz.cpl, to try to "uninstall" MusicOasis, iLivid, default search, Yontoo 1.10.02, and ASPCA Reminder from we-care.com (if I'm remembering them all). I succeeded in disabling and hopefully removing the browser hijack (Default Search?), but there seems to be lingering remnants, based on an OTL scan (e.g., MusicOasis, Tarma Installer, Yahoo! Companion) that were installed at the same time and I am concerned that they remain a threat. Here is my DDS log from yesterday, followed by attach log:

DDS (Ver_2012-10-14.05) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by MEACB Fam Desktop at 0:22:05 on 2012-10-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6124.3022 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\IDT\WDM\beats64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Hewlett-Packard\HP My Display\OSDManager.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe
C:\Program Files\Anti-Malware\OTL.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Microsoft Games\solitaire\solitaire.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Constant Guard Protection Suite: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.12.1002.3\NativeBHO.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPO
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\MEACBF~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{2B4FA6AB-AAEC-4DAB-9708-67B1E14BAEF8} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0502020.003\symds64.sys [2012-7-18 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0502020.003\symefa64.sys [2012-7-18 912504]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [2012-10-1 1385120]
R1 GIDv2;GIDv2;C:\Windows\System32\drivers\gidv2.sys [2012-2-13 29288]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20121012.001\IDSviA64.sys [2012-10-12 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0502020.003\ironx64.sys [2012-7-18 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0502020.003\symnets.sys [2012-7-18 386168]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-12-7 89600]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-7 2375168]
R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2012-10-3 61552]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-13 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-13 676936]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe [2012-7-18 130008]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-7-4 2458944]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-12-7 109168]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-7 2656280]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-3-23 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-10 138912]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\System32\drivers\itecir.sys [2011-12-7 69736]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-10-13 25928]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-12-7 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-12-7 1360960]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-12-7 338536]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-7 471144]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 tihub3;TI USB3 Hub Service;C:\Windows\System32\drivers\tihub3.sys [2011-12-7 131656]
R3 tixhci;TI XHCI Service;C:\Windows\System32\drivers\tixhci.sys [2011-12-7 399944]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-19 136176]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-19 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2011-12-7 31152]
S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2010-1-18 4608]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-31 1255736]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-10-14 06:10:20 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-10-14 06:10:20 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-14 06:10:13 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-14 05:20:58 -------- d-----w- C:\Program Files\Anti-Malware
2012-10-14 03:49:29 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Roaming\Malwarebytes
2012-10-14 03:49:19 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-14 03:49:17 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-10-14 03:49:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-13 20:45:08 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{63AA384D-553B-4472-BF60-9A70DF3EDBE7}
2012-10-13 07:56:19 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\Kobo
2012-10-13 07:51:02 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Roaming\ZinioReader4
2012-10-13 07:29:40 -------- d-----w- C:\ProgramData\PDFC
2012-10-13 07:21:26 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\VS Revo Group
2012-10-13 07:21:21 -------- d-----w- C:\Program Files\VS Revo Group
2012-10-13 06:29:38 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{31883C3D-FB5A-467B-8AF3-8288EB9C0192}
2012-10-13 05:22:38 972192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{88D153F3-CC08-4F1B-BD61-CFE4E6CD0F2E}\gapaengine.dll
2012-10-13 05:22:35 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{114F08C6-51BF-436F-A58C-DA31A0DF4A0E}\mpengine.dll
2012-10-13 05:19:54 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-10-13 05:19:51 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-10-13 03:36:44 -------- d-----w- C:\ID Vault
2012-10-13 03:32:59 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\NPE
2012-10-12 22:46:12 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Roaming\MusicOasis
2012-10-12 22:45:57 -------- d-----w- C:\ProgramData\Tarma Installer
2012-10-12 22:45:46 -------- d-----w- C:\ProgramData\WeCareReminder
2012-10-12 22:45:36 -------- d-----w- C:\Program Files (x86)\Yahoo!
2012-10-12 13:37:18 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{92AFC30E-490D-47F8-A34B-662B1FB5361F}
2012-10-11 18:53:38 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{21D83205-9715-46B0-921E-971BF4974DCF}
2012-10-11 02:01:04 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{0E008CF5-7F29-4429-9671-A608607FBEC0}
2012-10-10 12:54:34 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{726B5BC4-21D0-4481-B20B-625E37C724F2}
2012-10-09 20:58:06 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{52078DA1-A0D0-40D6-AA11-A388BB0E4507}
2012-10-09 01:54:53 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{0FC9DBB8-7336-4418-8275-6286A39D1416}
2012-10-08 13:54:30 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{A4BFB3DE-DB14-44CD-AAA0-6418EA2A1AE6}
2012-10-08 01:37:24 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{35D6BD80-AAF1-497B-8BB7-4CC6699718FC}
2012-10-06 15:21:58 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{3B819532-50AE-4940-94D0-ED23149C126B}
2012-10-05 15:06:14 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{9CD3C714-06ED-4A67-8B98-A328D02DD67A}
2012-10-04 22:36:59 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{51A1563E-80BD-43A5-9941-7317A4D2FE32}
2012-10-04 02:06:57 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{07CD33FE-379E-4E64-818F-1CD4C884F0FA}
2012-10-03 14:06:34 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{11FD3448-0873-4D2F-BB75-E181EC7E6E11}
2012-10-03 00:40:47 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{B7D81391-FEAA-430F-98AA-F8F9F04FF4C3}
2012-10-02 12:28:04 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{F7369093-D213-4B08-AE47-B748E55842E3}
2012-10-01 22:21:40 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{5080F52E-1A1F-4F73-B8D5-551B5FCB26A8}
2012-10-01 04:30:40 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{CAD513A3-ADEB-4B8A-AE73-820F2FC2A144}
2012-09-30 15:09:19 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{D9A77CCE-8062-4196-A668-E8E9BA94F744}
2012-09-30 00:23:02 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-09-30 00:20:39 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{32578E33-2483-4379-A6EA-9199AD0A97B0}
2012-09-28 18:31:46 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{23384781-F390-4ACC-8195-14D9185C7272}
2012-09-28 03:43:19 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{9C4A0F26-7E15-450D-8387-07E2DFD7B7A2}
2012-09-27 15:42:56 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{73AD0A44-CB2F-4549-BDA8-9C0FDA1C0EC7}
2012-09-26 00:50:47 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{3C0F2F73-6425-40BB-98A9-ABCC1ED2432C}
2012-09-25 12:47:05 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{DCA2DE73-CDF8-4D29-9C85-5B5A2D9663FB}
2012-09-24 15:33:52 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{CAA36B3A-27BE-42BF-A67F-7FFFFB3AAFE5}
2012-09-23 16:01:21 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{01F34754-535B-4939-91A2-FF7A461425EA}
2012-09-22 22:06:41 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{FEC5BD43-AD28-4CE9-A7FB-5A192B387C90}
2012-09-22 13:16:14 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{B8C59C5E-4E13-4740-B7F6-149FB3D9CA30}
2012-09-21 21:08:25 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{52E5FE43-8C32-4CBB-A8C8-AD82FB9B1E71}
2012-09-21 01:10:18 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{DD5EDDF5-A423-49B8-B2D2-71430E5ACB5C}
2012-09-20 23:15:47 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\Microsoft Help
2012-09-20 12:44:07 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{69C7D921-4CD7-44AC-BF14-854F4D3D5E3B}
2012-09-19 22:39:29 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{A96D65E8-B3B7-4F67-8F01-6D25A7023C78}
2012-09-19 21:38:19 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{72656B01-D0FF-4FC1-9506-6CD8080610E0}
2012-09-19 01:52:15 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{01643235-04E1-4EBF-AAC8-7E34F2451AC2}
2012-09-18 13:51:53 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{26C90FC9-C2D3-4388-8494-CF8623B18926}
2012-09-17 20:52:58 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{137D985B-ADBE-45E3-9B75-DC173057E492}
2012-09-17 02:26:17 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{02E721E7-1632-41F5-B5B7-497EB68741E6}
2012-09-16 14:26:07 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{FF8A4C8E-05B6-43D6-933E-F75C29B3D931}
2012-09-15 15:07:09 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{B15862D0-F456-4710-8177-96FB2D7F31EB}
2012-09-14 20:40:35 -------- d-----w- C:\Users\MEACB Fam Desktop\AppData\Local\{CDD29CE6-B14B-4781-AA7E-D59ABA49A6D0}
.
==================== Find3M ====================
.
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-31 04:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-31 04:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-08-05 20:59:57 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-05 20:59:57 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 0:22:22.02 ===============


And here is attach log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-14.05)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/12/2011 1:04:20 PM
System Uptime: 10/13/2012 10:56:28 PM (2 hours ago)
.
Motherboard: PEGATRON CORPORATION | | 2AC3
Processor: Intel(R) Core(TM) i5-2400S CPU @ 2.50GHz | CPU 1 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 919 GiB total, 845.146 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.483 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP65: 10/10/2012 10:09:59 PM - Windows Update
RP66: 10/11/2012 12:37:20 PM - Installed Microsoft Office Home and Student 2007
RP67: 10/11/2012 10:05:08 PM - Windows Update
RP68: 10/12/2012 10:11:58 PM - Windows Update
RP69: 10/12/2012 11:14:03 PM - Removed ASPCA Reminder by We-Care.com v4.1.18.1
RP70: 10/12/2012 11:16:09 PM - Removed MusicOasis
RP72: 10/13/2012 1:22:30 AM - Revo Uninstaller Pro's restore point - ASPCA Reminder by We-Care.com v4.1.18.1
RP73: 10/13/2012 1:22:51 AM - Removed ASPCA Reminder by We-Care.com v4.1.18.1
RP75: 10/13/2012 1:28:51 AM - Revo Uninstaller Pro's restore point - PDF Complete Special Edition
RP77: 10/13/2012 1:54:52 AM - Revo Uninstaller Pro's restore point - RoxioNow Player
RP79: 10/13/2012 1:59:03 AM - Revo Uninstaller Pro's restore point - Revo Uninstaller Pro 2.5.9
RP81: 10/13/2012 6:20:28 PM - Revo Uninstaller Pro's restore point - Google Toolbar for Internet Explorer
RP83: 10/13/2012 6:30:01 PM - Revo Uninstaller Pro's restore point - Adobe AIR
RP85: 10/13/2012 6:53:07 PM - Revo Uninstaller Pro's restore point - musicoasis
RP87: 10/13/2012 6:53:38 PM - Revo Uninstaller Pro's restore point - yontoo
RP89: 10/13/2012 6:54:04 PM - Revo Uninstaller Pro's restore point - default search
RP91: 10/13/2012 6:54:39 PM - Revo Uninstaller Pro's restore point - ilivid.com
RP93: 10/13/2012 6:55:03 PM - Revo Uninstaller Pro's restore point - ilivid
RP95: 10/13/2012 6:55:32 PM - Revo Uninstaller Pro's restore point - searchqu
RP97: 10/13/2012 6:56:02 PM - Revo Uninstaller Pro's restore point - searchnu
RP99: 10/13/2012 6:56:45 PM - Revo Uninstaller Pro's restore point - we-care
RP101: 10/13/2012 6:58:09 PM - Revo Uninstaller Pro's restore point - yontoo 1.10.02
RP102: 10/13/2012 7:55:59 PM - Windows Update
RP103: 10/14/2012 12:09:48 AM - Installed Java 7 Update 7
.
==== Installed Programs ======================
.
802.11n Wireless LAN Card
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Agatha Christie - Peril at End House
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AuthenTec TrueAPI
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blasterball 3
Blio
Bonjour
Bounce Symphony
Cake Mania
Chronicles of Albian
Chuzzle Deluxe
Constant Guard Protection Suite
Coupon Printer for Windows
Cradle of Rome 2
CyberLink YouCam
D3DX10
Farm Frenzy
FATE
Google Update Helper
Governor of Poker 2 Premium Edition
GuardedID
Hewlett-Packard ACLM.NET v1.1.2.0
HP Auto
HP Client Services
HP Customer Experience Enhancements
HP Games
HP LinkUp
HP MovieStore
HP My Display
HP Odometer
HP Photo Creations
HP Photosmart Plus B210 series Basic Device Software
HP Photosmart Plus B210 series Help
HP Photosmart Plus B210 series Product Improvement Study
HP Setup
HP Setup Manager
HP SimplePass PE 2011
HP Support Assistant
HP Support Information
HP Update
HP Vision Hardware Diagnostics
IDT Audio
Intel(R) Identity Protection Technology 1.1.2.0
Intel(R) Management Engine Components
iTunes
Java 7 Update 7
Java Auto Updater
Jewel Quest: The Sleepless Star - Collector's Edition
Junk Mail filter update
Kobo
LabelPrint
Mah Jong Medley
Malwarebytes Anti-Malware version 1.65.0.1400
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Mathematics
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Starter 2010 - English
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery of Mortlake Mansion
Namco All-Stars: PAC-MAN
Norton Online Backup
Norton Security Suite
NVIDIA Control Panel 296.19
NVIDIA Graphics Driver 296.19
NVIDIA Install Application
NVIDIA Update 1.7.12
NVIDIA Update Components
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PressReader
QuickTime
Realtek PCIE Card Reader
Recovery Manager
Remote Graphics Receiver
RoxioNow Player
SDK
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Slingo Supreme
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands
VIP Access SDK (1.0.1.4)
Virtual Villagers 5 - New Believers
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
10/13/2012 10:58:15 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
EnglishSettlement
Regular Member
 
Posts: 23
Joined: October 14th, 2012, 1:53 am
Advertisement
Register to Remove

Re: Contracted iLivid and other malware

Unread postby deltalima » October 14th, 2012, 5:55 pm

User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 307 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware