Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Smart Pc Fix Removal

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Smart Pc Fix Removal

Unread postby nex1 » January 1st, 2014, 10:53 pm

Hello to all , First of all i am not computer literate at all so i will try my best to explain as best as possible when i start my computer i have a pop that states Attention 5988 errors are slowing down your computer, would you like to register isharpsoft registry cleaner Pro , I have searched and searched but i cannot remove this software i have tried on safe mode and ran malware remover with no success it did find some other type files which where successfully deleted So now im here pleading for Help Thanks for your help , also for some apparent reason the dds link is coming up scrambled up on notepad i will attempt to use dds from another source and hope its the same thing you guys & galls need thanks I hope this the right one because i have 2 saved notes on desktop





DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by kris at 21:28:38 on 2014-01-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4052.2432 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\ProgramData\MediaDev\1387324144\mediadev.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Users\kris\AppData\Roaming\UpdateServ\IRegCleaner.exe
C:\ProgramData\UpdateServer\1388456804\webdev.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
uProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
mRun: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Trusted Zone: skillport.com
Trusted Zone: skillwsa.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9773D74D-C1D5-45C2-BE4F-38DD275FF5D5} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{AEFD7E2D-AE4E-4D2F-9C80-24F500193F39} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
x64-Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\qasmhd8p.default\
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\kris\AppData\Local\Roblox\Versions\version-28a069d7dccb4f92\NPRobloxProxy.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 asdrm;asdrm;C:\Windows\System32\drivers\asdrm.sys [2014-1-1 18768]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 asdrs;AntiMalware Host-based Intrusion Prevention System;C:\Windows\System32\drivers\asdrs.sys [2014-1-1 23376]
R2 asdsrv;Anvi Smart Defender Realtime Guard Service;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2013-10-21 742584]
R2 asdws;AnviSmartDefender Web Guard;C:\Windows\System32\drivers\asdws.sys [2014-1-1 17232]
R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 MediaDevSrv;MediaDevSrv;C:\ProgramData\MediaDev\1387324144\mediadev.exe [2013-12-17 368448]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-12-16 138272]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2013-4-17 1134584]
R2 WinDevSvc;WinDevSvc;C:\ProgramData\UpdateServer\1388456804\webdev.exe [2013-12-30 368960]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [2013-12-3 1526488]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-12-16 167072]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-16 137648]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20131231.001\IDSviA64.sys [2014-1-1 521944]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-4-16 342120]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-16 676968]
R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-12-16 451192]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-12-16 1129120]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-12-16 190072]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-12-16 405624]
R3 tihub3;TI USB3 Hub Service;C:\Windows\System32\drivers\tihub3.sys [2011-9-8 136000]
R3 tixhci;TI XHCI Service;C:\Windows\System32\drivers\tixhci.sys [2011-9-26 409408]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-18 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-30 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-12-30 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-12-30 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-16 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-01-02 01:45:09 23376 ----a-w- C:\Windows\System32\drivers\asdrs.sys
2014-01-02 01:45:09 18768 ----a-w- C:\Windows\System32\drivers\asdrm.sys
2014-01-02 01:45:09 17232 ----a-w- C:\Windows\System32\drivers\asdws.sys
2014-01-02 00:00:52 -------- d-----w- C:\Users\kris\AppData\Roaming\Malwarebytes
2014-01-02 00:00:42 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-01 20:42:31 -------- d-----w- C:\Users\kris\AppData\Roaming\Anvisoft
2014-01-01 20:42:23 -------- d-----w- C:\ProgramData\Anvisoft
2014-01-01 20:42:22 -------- d-----w- C:\Program Files (x86)\Anvisoft
2014-01-01 19:31:13 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E6678FE-26E7-467A-B364-0313172F0999}\mpengine.dll
2013-12-31 23:08:09 -------- d-----w- C:\Users\kris\AppData\Local\Macromedia
2013-12-31 21:30:31 -------- d-----w- C:\AdwCleaner
2013-12-31 19:29:20 -------- d-----w- C:\Users\kris\AppData\Local\WinZip
2013-12-31 03:22:20 -------- d-----w- C:\Program Files (x86)\Sendori
2013-12-31 02:40:49 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-12-31 02:40:49 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-12-31 02:26:44 -------- d-----w- C:\ProgramData\UpdateServer
2013-12-31 02:19:58 -------- d-----w- C:\Users\kris\AppData\Local\CyberLink
2013-12-31 02:16:21 736952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-12-31 02:16:00 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-12-31 02:15:48 42168 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-31 02:15:44 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-12-31 02:11:02 -------- d-----w- C:\Windows\ERUNT
2013-12-31 01:33:51 51496 ----a-w- C:\Windows\System32\drivers\stflt.sys
2013-12-31 01:26:42 -------- d-----w- C:\Program Files (x86)\ShowMyPCService
2013-12-31 01:16:05 -------- d-----w- C:\Users\kris\AppData\Local\Deployment
2013-12-31 01:16:05 -------- d-----w- C:\Users\kris\AppData\Local\Apps
2013-12-31 00:09:58 -------- d-----w- C:\Windows\Migration
2013-12-31 00:01:23 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-12-31 00:01:23 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-12-31 00:01:06 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-12-31 00:01:06 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-12-31 00:01:06 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-12-31 00:01:06 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-12-31 00:01:06 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-12-31 00:01:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-12-31 00:01:06 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-12-30 23:44:23 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-12-30 23:42:26 -------- d-----w- C:\Users\kris\AppData\Local\BrowserSafeguard
2013-12-30 23:02:17 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-30 20:49:30 -------- d-----w- C:\Users\kris\AppData\Local\Roblox
2013-12-30 20:44:55 -------- d-----w- C:\ProgramData\SearchDonkey
2013-12-29 21:25:02 -------- d-----w- C:\Windows\pss
2013-12-29 21:23:48 -------- d-----w- C:\Users\kris\AppData\Local\ElevatedDiagnostics
2013-12-29 21:23:19 -------- d-----w- C:\Users\kris\AppData\Local\Diagnostics
2013-12-29 20:23:57 -------- d-----r- C:\Program Files (x86)\Skype
2013-12-29 04:27:57 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{568DB3C3-D444-4395-A2B2-C5DF3BA36266}\gapaengine.dll
2013-12-29 04:26:13 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-12-29 04:26:10 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-12-29 02:44:44 -------- d-----w- C:\Windows\System32\MRT
2013-12-29 01:53:09 -------- d-----w- C:\Users\kris\hpremote
2013-12-24 23:10:53 -------- d-----w- C:\Users\kris\AppData\Roaming\HP Support Assistant
2013-12-19 00:02:57 -------- d-----w- C:\Users\kris\AppData\Local\Adobe
2013-12-18 23:54:40 -------- d-----w- C:\Users\kris\AppData\Local\StormAlerts
2013-12-18 23:53:35 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-12-18 05:55:53 -------- d-----w- C:\Users\kris\AppData\Local\CrashDumps
2013-12-17 23:49:04 -------- d-----w- C:\ProgramData\MediaDev
2013-12-17 23:44:03 -------- d-----w- C:\ProgramData\UpdateTask
2013-12-17 21:03:13 -------- d-----w- C:\Users\kris\.android
2013-12-17 21:03:05 -------- d-----w- C:\Users\kris\AppData\Local\cache
2013-12-17 21:02:59 -------- d-----w- C:\Users\kris\AppData\Local\genienext
2013-12-17 21:02:13 -------- d-----w- C:\Users\kris\AppData\Roaming\iSharpsoft
2013-12-17 21:02:08 -------- d-----w- C:\Program Files (x86)\iSharpsoft
2013-12-17 20:58:28 -------- d-----w- C:\ProgramData\CDB
2013-12-17 20:58:24 -------- d-----w- C:\ProgramData\UpdateCommon
2013-12-17 20:58:23 -------- d-----w- C:\Users\kris\AppData\Roaming\UpdateServ
2013-12-17 20:57:16 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-12-17 20:56:12 -------- d-----w- C:\Program Files (x86)\Video Downloader
2013-12-17 20:55:54 0 ----a-w- C:\LILB3CF.tmp
2013-12-17 20:55:54 0 ----a-w- C:\LILB3CE.tmp
2013-12-17 20:55:54 0 ----a-w- C:\LILB3AF.tmp
2013-12-17 20:55:54 0 ----a-w- C:\LILB3A1.tmp
2013-12-17 20:55:54 0 ----a-w- C:\LILB3A0.tmp
2013-12-17 20:55:38 -------- d-----w- C:\Users\kris\AppData\Local\Programs
2013-12-16 22:23:50 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-12-16 22:23:50 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-12-16 22:23:48 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-12-16 22:23:48 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-12-16 22:23:47 67072 ----a-w- C:\Windows\splwow64.exe
2013-12-16 22:23:47 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-12-16 20:11:35 737952 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtsp64.sys
2013-12-16 20:11:35 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys
2013-12-16 20:11:35 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys
2013-12-16 20:11:35 37536 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtspx64.sys
2013-12-16 20:11:35 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys
2013-12-16 20:11:35 167072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys
2013-12-16 20:11:35 1129120 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys
2013-12-16 20:11:26 -------- d-----w- C:\Windows\System32\drivers\NISx64\1309010.00E
2013-12-16 12:50:30 -------- d-----w- C:\Windows\SysWow64\Wat
2013-12-16 12:50:29 -------- d-----w- C:\Windows\System32\Wat
2013-12-16 12:27:16 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-16 12:27:16 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-16 12:27:16 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-16 12:27:15 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-16 11:50:36 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-12-16 11:18:22 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-12-16 11:18:22 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-12-16 11:18:22 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-12-16 11:18:22 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-12-16 11:18:21 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-12-16 11:18:21 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-12-16 11:18:21 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-12-16 11:04:47 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-12-16 11:04:46 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-12-16 11:04:46 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-12-16 09:59:50 -------- d-----w- C:\Users\kris\AppData\Roaming\HpUpdate
2013-12-15 22:35:10 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2013-12-15 11:15:58 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-12-15 11:14:55 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-12-15 11:13:55 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-12-15 11:12:57 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-12-15 11:11:49 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2013-12-15 09:35:42 -------- d-----w- C:\Users\kris\AppData\Local\PDFC
2013-12-15 09:35:09 -------- d-----w- C:\Users\kris\AppData\Local\VirtualStore
2013-12-15 09:32:17 -------- d-----w- C:\Users\kris\AppData\Local\RemEngine
2013-12-15 09:32:14 -------- d-----w- C:\Users\kris\AppData\Local\Hewlett-Packard_Company
2013-12-15 09:20:25 -------- d-----w- C:\ProgramData\Recovery
.
==================== Find3M ====================
.
2014-01-01 19:40:39 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-01 19:40:39 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-16 11:42:27 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
.
============= FINISH: 21:29:24.16 ===============
nex1
Active Member
 
Posts: 2
Joined: January 1st, 2014, 10:05 pm
Advertisement
Register to Remove

Re: Smart Pc Fix Removal

Unread postby nunped » January 6th, 2014, 4:58 am

Hello nex1, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easy as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights permissions for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Smart Pc Fix Removal

Unread postby nunped » January 6th, 2014, 5:24 am

Hi nex1,

You should have a file named "Attach.txt" on your desktop. Can you please post its contents?
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Smart Pc Fix Removal

Unread postby nex1 » January 7th, 2014, 10:36 pm

I have since resolved this issue a friend of mine came over removed this malware for me, I do apologize ,but thanks for your help , Im quite sure something shall arise again ,in which I will have no clue on and will be using the forum , post can be deleted.
nex1
Active Member
 
Posts: 2
Joined: January 1st, 2014, 10:05 pm

Re: Smart Pc Fix Removal

Unread postby Cypher » January 8th, 2014, 6:02 am

As your problems appear to have been resolved, this topic is now closed.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 64 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware