Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Twunk_32.exe*32 Removal

Post by Snarfeh » January 18th, 2014, 5:29 pm

Hi,
I have noticed that in the past few days multiple instances of twunk_32.exe*32 have been opening up in Windows Task Manager. These are slowly increasing in memory usage, and the computer is occasionally slowing down. I tried using the method that was suggested to another user to clear his problem, but it did not work for me. Here are the logs requested:

casioDDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16526 BrowserJavaVersion: 10.45.2
Run by Nocturn at 21:25:08 on 2014-01-18
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.8175.5284 [GMT 0:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Nocturn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
D:\Steam\Steam.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\twunk_32.exe
C:\Windows\twunk_32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Steam] "D:\Steam\steam.exe" -silent
uRun: [Spotify Web Helper] "C:\Users\Nocturn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [EVEMon] "C:\Program Files (x86)\EVEMon\EVEMon.exe" -startMinimized
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
uRun: [AVG-Secure-Search-Update_1213b] C:\Users\Nocturn\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=fce1a7675f0547d0ba8f5f08aab0519b-4804d98cf62c99e4e90146ab315b386a55f6930e /CMPID=1213b
mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Nocturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{D2D49ED2-990C-4DBD-8E34-8BFE82F1C714} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Nocturn\AppData\Roaming\Mozilla\Firefox\Profiles\1k7m7o6o.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\BYOND\bin\npbyond.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\Nocturn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Nocturn\AppData\Roaming\Mozilla\Firefox\Profiles\1k7m7o6o.default\extensions\cryenginebrowserplugin@crytek.com\plugins\npcry39.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2014-1-17 25312]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-2-5 283200]
R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\Windows\System32\drivers\jswpslwfx.sys [2013-1-28 26624]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-1-10 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-10 701512]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-3 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-16 15129376]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
R2 WSWNA1100;WSWNA1100;C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [2014-1-17 268768]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2014-1-17 1849856]
R3 busenum;SteelBusSvc;C:\Windows\System32\drivers\SteelBus64.sys [2013-10-30 140800]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-10 25928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-17 39200]
R3 SAlphamHid;SteelHIDSvc;C:\Windows\System32\drivers\SAlpham64.sys [2013-5-31 38016]
S2 AcerSyncServiceWinService;AcerSyncServiceWinService;C:\Program Files\Acer\AcerSync\AcerSyncService.exe -p --> C:\Program Files\Acer\AcerSync\AcerSyncService.exe -p [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-8 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2012-7-20 31744]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-1-31 49152]
S3 BRDriver64;BRDriver64;C:\ProgramData\BitRaider\BRDriver64.sys [2013-12-9 75048]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\BitRaider\BRSptSvc.exe [2013-12-9 477960]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-1-28 79360]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;D:\Origin\Dragon Age\bin_ship\daupdatersvc.service.exe [2011-2-24 25832]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [2014-1-17 960992]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-13 36720]
S3 qcusbser;ACER USB Device for Legacy Serial Communication;C:\Windows\System32\drivers\qcusbser.sys [2012-7-20 120960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-28 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-28 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-28 1255736]
.
=============== Created Last 30 ================
.
2014-01-18 21:21:04 -------- d-----w- C:\Users\Nocturn\AppData\Local\CrashDumps
2014-01-18 18:52:38 -------- d-----w- C:\_OTL
2014-01-18 04:05:43 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-01-18 04:05:40 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B96279F3-E4B2-41EC-B5C5-CCDC2C97EB8E}\mpengine.dll
2014-01-18 02:15:59 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-01-18 02:15:59 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-01-18 02:15:58 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-01-18 02:15:58 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-01-18 01:18:34 -------- d-----w- C:\Windows\System32\MRT
2014-01-18 01:15:50 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2014-01-18 01:15:50 52224 ----a-w- C:\Windows\System32\certenc.dll
2014-01-18 01:15:50 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2014-01-18 01:15:50 1192448 ----a-w- C:\Windows\System32\certutil.exe
2014-01-18 01:15:25 70144 ----a-w- C:\Windows\System32\appinfo.dll
2014-01-18 01:15:25 111448 ----a-w- C:\Windows\System32\consent.exe
2014-01-18 01:13:54 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2014-01-18 01:12:28 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-01-18 01:11:59 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-01-18 01:10:59 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2014-01-18 01:09:58 633856 ----a-w- C:\Windows\System32\comctl32.dll
2014-01-18 00:47:26 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-01-18 00:47:26 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-01-18 00:47:26 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-01-18 00:47:26 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-01-18 00:47:26 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-01-17 21:54:54 356352 ----a-w- C:\Users\Nocturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EPUHelp.exe
2014-01-17 21:43:00 25312 ----a-w- C:\Windows\System32\drivers\SCMNdisP.sys
2014-01-17 21:43:00 1849856 ----a-w- C:\Windows\System32\drivers\athurx.sys
2014-01-17 21:42:58 -------- d-----w- C:\Program Files (x86)\NETGEAR
2014-01-14 19:52:38 -------- d-----w- C:\Users\Nocturn\AppData\Roaming\AVG2014
2014-01-14 19:50:45 -------- d--h--w- C:\$AVG
2014-01-14 19:48:34 -------- d-----w- C:\Users\Nocturn\AppData\Local\Avg2014
2014-01-14 19:41:24 -------- d-----w- C:\Program Files (x86)\AVG
2014-01-14 19:30:02 -------- d-sh--w- C:\$RECYCLE.BIN
2014-01-14 19:23:23 98816 ----a-w- C:\Windows\sed.exe
2014-01-14 19:23:23 256000 ----a-w- C:\Windows\PEV.exe
2014-01-14 19:23:23 208896 ----a-w- C:\Windows\MBR.exe
2014-01-14 18:37:00 -------- d-----w- C:\Users\Nocturn\AppData\Local\VirtualStore
2014-01-13 22:27:44 89304 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-10 16:38:34 -------- d-----w- C:\Users\Nocturn\AppData\Roaming\Awesomium
2014-01-10 00:54:54 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-08 15:19:33 -------- d-----w- C:\NVIDIA
2014-01-08 04:53:37 -------- d-----w- C:\ProgramData\Elder Scrolls Online
2014-01-06 02:13:22 -------- d-----w- C:\AdwCleaner
2014-01-05 23:39:35 -------- d-----w- C:\Users\Nocturn\AppData\Roaming\Malwarebytes
2014-01-05 23:39:26 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-05 23:39:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-05 23:37:38 -------- d-----w- C:\Users\Nocturn\AppData\Roaming\Activeris
2014-01-05 22:46:23 -------- d-----w- C:\Program Files\Enigma Software Group
2014-01-05 20:51:32 -------- d-----w- C:\Users\Nocturn\AppData\Local\IRsoft
2014-01-04 21:25:47 -------- d-----w- C:\Users\Nocturn\AppData\Roaming\Razor
2014-01-04 21:25:11 -------- d-----w- C:\Program Files (x86)\Razor
2014-01-04 21:23:36 -------- d--h--w- C:\Windows\PIF
2014-01-04 21:18:38 -------- d-----w- C:\Users\Nocturn\AppData\Roaming\Ultima Online Forever (Razor)
2014-01-04 03:26:48 -------- d-----w- C:\Users\Nocturn\AppData\Roaming\AVG
2014-01-04 03:25:37 -------- d-----w- C:\ProgramData\AVG
2014-01-04 03:25:25 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-01-01 22:34:49 -------- d-----w- C:\Program Files\Microsoft LifeCam
2014-01-01 22:34:49 -------- d-----w- C:\Program Files (x86)\Microsoft LifeCam
.
==================== Find3M ====================
.
2014-01-08 22:22:07 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-01-03 19:27:50 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-12-29 23:49:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-29 23:49:02 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-19 18:53:46 6671648 ----a-w- C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2013-12-19 12:20:22 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-12-19 05:01:48 3539040 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-12-10 02:13:11 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-12-05 08:42:30 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-12-05 08:42:26 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-11-28 13:38:22 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-11-28 13:38:18 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-26 12:25:52 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-26 11:40:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys
2013-11-22 08:36:08 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2013-11-15 01:37:29 2334720 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-15 01:29:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-11-15 01:28:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-15 01:22:21 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-15 01:20:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-11-15 01:18:03 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-14 22:50:50 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-14 22:42:41 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-14 22:42:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-14 22:38:54 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-11-14 22:38:16 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-11-14 22:35:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-14 18:00:00 127488 ----a-w- C:\Windows\System32\ff_vfw.dll
2013-11-14 18:00:00 112640 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2013-11-14 11:55:45 1510176 ----a-w- C:\Windows\System32\nvhdagenco64.dll
2013-11-14 11:55:24 1884448 ----a-w- C:\Windows\System32\nvdispco6433182.dll
2013-11-14 11:55:24 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433182.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-05 21:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-11-04 21:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-03 20:17:26 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-10-31 23:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-10-31 22:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-10-30 16:15:32 140800 ----a-w- C:\Windows\System32\drivers\SteelBus64.sys
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-24 22:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-10-23 10:30:23 1884448 ----a-w- C:\Windows\System32\nvdispco6433165.dll
2013-10-23 10:30:23 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433165.dll
2013-10-23 08:20:05 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
.
============= FINISH: 21:26:24.79 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 28/01/2013 02:32:32
System Uptime: 18/01/2014 21:18:48 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | H61M-USB3-B3
Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz | Socket 1155 | 3601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 186 GiB total, 47.045 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 69.713 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 36.371 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_50011458&REV_05\3&13C0B0C5&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_50011458&REV_05\3&13C0B0C5&0&FB
Service:
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_1969&DEV_1073&SUBSYS_E0001458&REV_C0\4&18803EC9&0&00E4
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_1969&DEV_1073&SUBSYS_E0001458&REV_C0\4&18803EC9&0&00E4
Service:
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1B6F&DEV_7023&SUBSYS_50071458&REV_01\4&6AE81F7&0&00E2
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1B6F&DEV_7023&SUBSYS_50071458&REV_01\4&6AE81F7&0&00E2
Service:
.
==== System Restore Points ===================
.
RP130: 05/01/2014 22:43:25 - Installed SpyHunter
RP131: 05/01/2014 23:35:21 - Removed SpyHunter
RP132: 06/01/2014 02:47:18 - Installed DirectX
RP133: 06/01/2014 03:03:27 - Restore Operation
RP134: 06/01/2014 03:28:40 - Installed DirectX
RP135: 07/01/2014 20:38:42 - Installed DirectX
RP136: 13/01/2014 22:43:13 - Malwarebytes Anti-Rootkit Restore Point
RP137: 14/01/2014 19:11:10 - Malwarebytes Anti-Rootkit Restore Point
RP138: 14/01/2014 19:19:57 - Removed AVG 2014
RP139: 14/01/2014 19:21:53 - Removed AVG 2014
RP140: 14/01/2014 19:41:10 - Installed AVG 2014
RP141: 14/01/2014 19:49:30 - Installed AVG 2014
RP142: 17/01/2014 21:41:54 - Removed NETGEAR WNA1100 wireless USB 2.0 adapter
RP143: 17/01/2014 21:42:50 - Installed NETGEAR WNA1100 wireless USB 2.0 adapter
RP144: 17/01/2014 21:43:17 - Device Driver Package Install: NETGEAR Inc. Network Protocol
RP145: 18/01/2014 01:17:11 - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
Arma 3 Alpha
AVG 2014
AVG PC TuneUp 2014 (en-US)
Batman: Arkham Asylum GOTY Edition
Battle.net
Battlefield 4™
Battlelog Web Plugins
BattlEye for OA Uninstall
BitRaider Web Client
Blood Bowl: Legendary Edition
BYOND
Chivalry: Medieval Warfare
ComicRack v0.9.161
Contagion
Counter-Strike: Global Offensive
Creative Audio Control Panel
DAEMON Tools Lite
Day of Defeat: Source
Dota 2
Dragon Age: Origins
EA Shared Game Component: Activation
ESN Sonar
EVE Online (remove only)
EVEMon
FileZilla Client 3.7.0.2
GeForce Experience NvStream Client Components
Hearthstone
Heroes of Newerth
Intel(R) Processor Graphics
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Java 7 Update 45
Java Auto Updater
Just Cause 2
Just Cause 2: Multiplayer Mod
K-Lite Mega Codec Pack 10.1.5
Leviathan: Warships
LibreOffice 4.1.0.4
Malwarebytes Anti-Malware version 1.75.0.1300
MechWarrior Online
Metro 2033
Microsoft .NET Framework 4.5
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Corporation
Microsoft LifeCam
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP1 ????
Microsoft SQL Server Compact 3.5 SP1 x64 ????
Microsoft Sync Framework Runtime v1.0 (x64)
Microsoft Sync Framework Services v1.0 (x64)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Mirror's Edge
Mount & Blade: Warband
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
Mumble 1.2.3
Natural Selection 2
NETGEAR WNA1100 wireless USB 2.0 adapter
NVIDIA 3D Vision Controller Driver 332.21
NVIDIA 3D Vision Driver 332.21
NVIDIA Control Panel 332.21
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 332.21
NVIDIA HD Audio Driver 1.3.30.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
Octoshape add-in for Adobe Flash Player
OpenOffice.org 3.4.1
Origin
Path of Exile
PlanetSide 2
PunkBuster Services
QuickTime
Red Orchestra 2: Heroes of Stalingrad
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
Security Update for Microsoft .NET Framework 4.5 (KB2861208)
Shadowrun Returns
SHIELD Streaming
Sid Meier's Civilization V
Skype™ 6.11
Spotify
Star Wars The Old Republic
Star Wars: The Old Republic
Steam
SteelSeries Engine
Team Fortress 2
TeamSpeak 3 Client
The Elder Scrolls Online Beta
The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1
The Elder Scrolls V: Skyrim
Unity Web Player
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Ventrilo Client for Windows x64
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.0.7
War Thunder
Warhammer 40,000 Space Marine
Windows Driver Package - ACER Incorporated (qcusbser) Modem (10/12/2009 2.0.6.6)
Windows Driver Package - ACER Incorporated (qcusbser) Ports (10/12/2009 2.0.6.6)
Windows Driver Package - ACER, Inc (androidusb) USB (10/12/2009 1.0.0010.00000)
WinRAR 4.20 (64-bit)
WoD Toolkit 3
World of Tanks
Xiph.Org Open Codecs 0.85.17777
.
==== Event Viewer Messages From Past Week ========
.
18/01/2014 21:19:37, Error: Service Control Manager [7000] - The AcerSyncServiceWinService service failed to start due to the following error: The system cannot find the file specified.
18/01/2014 21:19:36, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126
18/01/2014 18:52:38, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).
18/01/2014 18:32:41, Error: Service Control Manager [7043] - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
18/01/2014 00:48:16, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error: An instance of the service is already running.
18/01/2014 00:46:16, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
18/01/2014 00:37:01, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
18/01/2014 00:37:01, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
18/01/2014 00:37:01, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
17/01/2014 21:43:32, Error: Service Control Manager [7030] - The WSWNA1100 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
17/01/2014 21:35:39, Error: athur [5003] - NETGEAR WNA1100 Wireless-N 150 USB Adapter : Could not find a network adapter.
17/01/2014 21:32:36, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the WSWNA1100 service to connect.
17/01/2014 21:32:36, Error: Service Control Manager [7000] - The WSWNA1100 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
Snarfeh
Active Member
 
Posts: 5
Joined: January 18th, 2014, 5:22 pm

Re: Twunk_32.exe*32 Removal

Unread postby pgmigg » January 19th, 2014, 12:37 am

Hello Snarfeh,

Welcome to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.


Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3179
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Twunk_32.exe*32 Removal

Unread postby pgmigg » January 19th, 2014, 2:29 am

Hello Snarfeh,

Step 1.
MGA Diagnostics
I need you to run a tool which will aid in determining what additional steps we'll need to perform.
  1. Please download this tool from Microsoft and save it to your Desktop.
  2. Right click on MGADiag.exe and select "Run As Administrator..." to run it.
  3. Click "Run" again and then click "Continue".
  4. The program will run. It takes a while to finish the diagnosis, please be patient.
  5. Once done, click on Copy.
  6. Open Notepad and paste the contents in. Save this file and post it in your next reply.

Step 2.
WVCheck
  1. Please download WVCheck.exe and save it to your Desktop.
  2. Right-click WVCheck.exe and select "Run as administrator..." to run the process.
  3. Read the comments on the screen, then press Enter.
    The scan can take a while depending on the size of your hard drive.
  4. Once the program is done, Notepad will open with the scan report. Save the report to your Desktop.
  5. Please copy and paste the contents of the Notepad file in your next reply.

Step 3.
Run CKScanner
  1. Please download CKScanner from Here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Step 4.
TSG - SysInfo utility
  1. Please download SysInfo utility and save it to your Desktop.
  2. Right click on SysInfo.exe, select "Run As Administrator..." to run it... if UAC prompts, please allow it.
  3. Right click, select copy and then paste in your next post.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of a log created by MGADiag.exe
  3. Contents of a log created by WVCheck.exe
  4. Contents of CKFiles.txt log file
  5. Contents of SysInfo scan

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3179
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Twunk_32.exe*32 Removal

Unread postby Snarfeh » January 19th, 2014, 9:35 am

Hi, thanks for your help. Here are the logs as requested.

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-X92GV-V7DCV-P4K27
Windows Product Key Hash: aU2z1/fnhnLHmhBm699qYZT2E6s=
Windows Product ID: 00426-OEM-8992662-00400
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {C376085F-3651-4FCA-B082-01E5B484CC4D}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130828-1532
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{C376085F-3651-4FCA-B082-01E5B484CC4D}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-P4K27</PKey><PID>00426-OEM-8992662-00400</PID><PIDType>2</PIDType><SID>S-1-5-21-178206425-1891274537-1558334080</SID><SYSTEM><Manufacturer>Gigabyte Technology Co., Ltd.</Manufacturer><Model>H61M-USB3-B3</Model></SYSTEM><BIOS><Manufacturer>Award Software International, Inc.</Manufacturer><Version>F3</Version><SMBIOSVersion major="2" minor="4"/><Date>20110308000000.000000+000</Date></BIOS><HWID>ADB63907018400FE</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>PE_SC3 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Ultimate edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600400-02-2057-7600.0000-0282013
Installation ID: 021374863531138483298055090362684902125394430601860652
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: P4K27
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 19/01/2014 13:24:15

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x80072EE7
HealthStatus: 0x0000000000000000
Event Time Stamp: 10:27:2013 04:21
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: NgAAAAIABAABAAEAAAADAAAAAQABAAEAln0c/ncWbERiNErdPkJyOOjbAPfAw86a5kQfwi5z

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC GBT GBTUACPI
FACP GBT GBTUACPI
HPET GBT GBTUACPI
MCFG GBT GBTUACPI
ASPT GBT PerfTune
SSPT GBT SsptHead
EUDS GBT
TAMG GBT GBT B0
SSDT INTEL PPM RCM
SLIC DELL PE_SC3

Windows Validation Check
Version: 1.9.12.5
Log Created On: 1326_19-01-2014
-----------------------

Windows Information
-----------------------
Windows Version: Windows 7 Service Pack 1
Windows Mode: Normal
Systemroot Path: C:\Windows

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates automatically, but ask me when I want to install them.
-----------------------
Last Success Time for Update Detection: 2014-01-18 23:29:18
Last Success Time for Update Download: 2014-01-18 01:16:05
Last Success Time for Update Installation: 2014-01-18 02:18:45


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
C:\Windows\System32\slwga.dll
Size: 14336 bytes
Creation; 28/1/2013 22:19:11
Modification; 20/11/2010 12:21:24
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\SysWOW64\slwga.dll
Size: 14336 bytes
Creation; 28/1/2013 22:19:11
Modification; 20/11/2010 12:21:24
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_5b467ba9bd0679bb\slwga.dll
Size: 14848 bytes
Creation; 14/7/2009 0:52:11
Modification; 14/7/2009 2:41:54
MD5; cc03cf9f24946dcbd70acb3e1b2f05bf
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_5b856235bcd79403\slwga.dll
Size: 15360 bytes
Creation; 28/1/2013 3:55:45
Modification; 21/12/2010 6:15:31
MD5; b7213e92b270761b88b313b62ba0e13b
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_5be2bf06d6168a3a\slwga.dll
Size: 15360 bytes
Creation; 28/1/2013 3:55:45
Modification; 21/12/2010 6:9:5
MD5; 86b7d4d7a87ecb9e6bded44c52c8d5d9
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_5d778f71b9f4fd55\slwga.dll
Size: 15360 bytes
Creation; 28/1/2013 22:19:13
Modification; 20/11/2010 13:27:26
MD5; b6d6886149573278cba6abd44c4317f5
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16385_none_ff27e02604a90885\slwga.dll
Size: 13824 bytes
Creation; 14/7/2009 0:36:22
Modification; 14/7/2009 2:16:15
MD5; 01fe4bdd0b47a7d8bf34d78d2bc23ddb
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.16723_none_ff66c6b2047a22cd\slwga.dll
Size: 14336 bytes
Creation; 28/1/2013 3:55:45
Modification; 21/12/2010 5:38:16
MD5; 2008845b41d561fb77b77bbe0045099e
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7600.20862_none_ffc423831db91904\slwga.dll
Size: 14336 bytes
Creation; 28/1/2013 3:55:45
Modification; 21/12/2010 5:29:6
MD5; 2332de32759ebcc691850e092b2564a6
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_0158f3ee01978c1f\slwga.dll
Size: 14336 bytes
Creation; 28/1/2013 22:19:11
Modification; 20/11/2010 12:21:24
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3


-------- End of File, program close at 1331_19-01-2014 --------

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.ZZ.11.GSAAS0
----- EOF -----

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 8175 Mb
Graphics Card: NVIDIA GeForce GTX 650, 1024 Mb
Hard Drives: C: Total - 190771 MB, Free - 46529 MB; D: Total - 476935 MB, Free - 71386 MB; F: Total - 953867 MB, Free - 37244 MB;
Motherboard: Gigabyte Technology Co., Ltd., H61M-USB3-B3
Antivirus: AVG AntiVirus Free Edition 2014, Updated and Enabled
Snarfeh
Active Member
 
Posts: 5
Joined: January 18th, 2014, 5:22 pm

Re: Twunk_32.exe*32 Removal

Unread postby pgmigg » January 19th, 2014, 2:34 pm

Where did the Microsoft Windows 7 Ultimate operating system come from?
pgmigg
MRU Teacher
 
Posts: 3179
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Twunk_32.exe*32 Removal

Unread postby Snarfeh » January 19th, 2014, 2:41 pm

Bought the OEM from a local PC store a few years back.
Snarfeh
Active Member
 
Posts: 5
Joined: January 18th, 2014, 5:22 pm

Re: Twunk_32.exe*32 Removal

Unread postby pgmigg » January 19th, 2014, 2:59 pm

Who was the manufacturer of your computer?
pgmigg
MRU Teacher
 
Posts: 3179
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Twunk_32.exe*32 Removal

Unread postby Snarfeh » January 19th, 2014, 3:00 pm

I built it myself.
Snarfeh
Active Member
 
Posts: 5
Joined: January 18th, 2014, 5:22 pm

Re: Twunk_32.exe*32 Removal

Unread postby pgmigg » January 19th, 2014, 3:18 pm

I'm sorry to say that your OEM_SLP license belongs to the Dell manufacturer and cannot be valid on your machine.

As you are in need of a valid license, I am requesting the thread be closed for an illegal operating system.

When you get a new license, post in a new thread with all fresh:
  1. DDS and Attach logs
  2. MGA log
  3. Windows Validation Check
  4. A link to this thread

pgmigg
pgmigg
MRU Teacher
 
Posts: 3179
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
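
The report fields relevant to the conclusion in the post above (license type OEM SLP, a SLIC table with OEMID DELL, other ACPI tables and a motherboard from Gigabyte) can be compared mechanically. The following is an added example, not part of the thread or of any tool named in it: it parses an MGADiag report and flags an OEM SLP license whose SLIC OEMID differs from the OEMID on the machine's other ACPI tables. The function names and the mismatch heuristic are assumptions of this example; the sample input is abridged from the report posted earlier in the thread.

```python
import re
from collections import Counter

# Abridged from the MGADiag report posted in this thread; most fields omitted.
SAMPLE_REPORT = """\
Windows License Type: OEM SLP
Office Details: <GenuineResults><MachineData><SYSTEM><Manufacturer>Gigabyte Technology Co., Ltd.</Manufacturer><Model>H61M-USB3-B3</Model></SYSTEM><OEM><OEMID>DELL </OEMID><OEMTableID>PE_SC3 </OEMTableID></OEM></MachineData></GenuineResults>

OEM Activation 2.0 Data-->
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC GBT GBTUACPI
EUDS GBT
SSDT INTEL PPM RCM
SLIC DELL PE_SC3
"""


def field(report, name):
    """Return the value of a 'Name: value' report line, or None if absent."""
    m = re.search(rf"^{re.escape(name)}:[ \t]*(.*)$", report, re.MULTILINE)
    return m.group(1).strip() if m else None


def acpi_tables(report):
    """Return [(table_name, oemid), ...] from the 'BIOS Information:' listing."""
    rows = []
    lines = iter(report.splitlines())
    for line in lines:                      # skip ahead to the listing
        if line.strip() == "BIOS Information:":
            break
    for line in lines:
        parts = line.split()
        if parts[:3] == ["ACPI", "Table", "Name"]:   # column header row
            continue
        # A row is a 4-character table signature followed by its OEMID.
        if len(parts) < 2 or not re.fullmatch(r"[A-Z0-9_]{4}", parts[0]):
            break
        rows.append((parts[0], parts[1]))
    return rows


def check_oem_slp(report):
    """Heuristic (an assumption of this example): flag an OEM SLP license whose
    SLIC OEMID differs from the most common OEMID on the other ACPI tables."""
    license_type = field(report, "Windows License Type") or ""
    tables = acpi_tables(report)
    slic = [oem for name, oem in tables if name == "SLIC"]
    others = Counter(oem for name, oem in tables if name != "SLIC")
    maker = re.search(r"<SYSTEM><Manufacturer>([^<]*)</Manufacturer>", report)
    result = {
        "license_type": license_type or None,
        "system_manufacturer": maker.group(1).strip() if maker else None,
        "slic_oemid": slic[0] if slic else None,
        "firmware_oemid": others.most_common(1)[0][0] if others else None,
    }
    if "SLP" not in license_type.upper():
        result["verdict"] = "not-oem-slp"
    elif not slic or not others:
        result["verdict"] = "inconclusive"
    elif slic[0] != result["firmware_oemid"]:
        result["verdict"] = "slic-oemid-mismatch"
    else:
        result["verdict"] = "consistent"
    return result


if __name__ == "__main__":
    print(check_oem_slp(SAMPLE_REPORT))
```

A mismatch verdict is a prompt for the follow-up questions asked in this thread (where the operating system came from, who built the machine), not a determination on its own.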

Re: Twunk_32.exe*32 Removal

Unread postby Snarfeh » January 19th, 2014, 3:32 pm

Oh, ok. Thanks anyways.
Snarfeh
Active Member
 
Posts: 5
Joined: January 18th, 2014, 5:22 pm

Re: Twunk_32.exe*32 Removal

Unread postby Cypher » January 20th, 2014, 7:00 am

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

This topic is now closed.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns