Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Ihave a virus on my computer but I dont know howto remove it

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Ihave a virus on my computer but I dont know howto remove it

Unread postby liam5 » February 20th, 2013, 7:59 am

Before I found this forum, I scanned my computer with spybot search and destroy, It found serveral viruses but it didn't fully remove all of them. I tried using Vundofix, because I saw that some of the viruses were vundo trojans. However Vundofix found nothing, so I don't really know how to get rid of them :(. If someone could direct me on how to get rid of these viruses, I would very much appeciate it.
Thanks in advance.







DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2
Run by user at 11:56:33 on 2013-02-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3071.983 [GMT 0:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
IE: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Turbo Internet: Bookmark this page - C:\Program Files (x86)\Turbo Internet\exts\addFav.html
IE: Turbo Internet: Download this link - C:\Program Files (x86)\Turbo Internet\exts\dl.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{992CA1D5-352F-4FBD-9840-73F786C5B69D} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{E567FE5E-8C6F-4A72-94F9-36A585920C85} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: skype.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-IFEO: skype.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Hosts: 192.168.1.65 blackshades.ru
Hosts: 192.168.1.65 bshades.eu
Hosts: 192.168.1.65 bsbackup.mine.nu
Hosts: 192.168.1.65 blackshades.info
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-12-21 57904]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2013-1-13 25056]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-12-21 213416]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-12-21 59440]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-10 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-10 682344]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-1-31 2402080]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-1-13 1256192]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-10 24176]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2012-12-18 29288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 athrusb;Belkin Wireless LAN USB device driver;C:\Windows\System32\drivers\athrxusb.sys [2008-7-28 1075712]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-15 1255736]
S3 WsAudio_Device;WsAudio_Device;C:\Windows\System32\drivers\VirtualAudio.sys [2013-1-10 31080]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
S4 lxdq_device;lxdq_device;C:\Windows\System32\lxdqcoms.exe -service --> C:\Windows\System32\lxdqcoms.exe -service [?]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-15 3467768]
S4 WSWNDA3100v2;WSWNDA3100v2;C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2013-1-13 303360]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-02-19 21:27:26 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AE15795-6AB1-4C63-BF11-A2DF4760DB5D}\mpengine.dll
2013-02-17 21:46:16 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-17 15:28:41 -------- d-----w- C:\Users\user\AppData\Roaming\YGOPro
2013-02-17 15:27:42 -------- d-----w- C:\Users\user\AppData\Roaming\DevPro
2013-02-17 15:11:57 -------- d-----w- C:\Users\user\AppData\Roaming\EQATEC Analytics
2013-02-17 15:10:48 -------- d-----w- C:\ProgramData\SpeedBit
2013-02-17 15:10:20 172032 ----a-w- C:\Windows\SysWow64\AniGIF.ocx
2013-02-17 15:09:27 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedBit
2013-02-16 21:36:48 -------- d-----w- C:\Users\user\AppData\Local\Geckofx
2013-02-15 18:46:23 35104 ----a-w- C:\Windows\System32\TURegOpt.exe
2013-02-15 18:46:21 26400 ----a-w- C:\Windows\System32\authuitu.dll
2013-02-15 18:46:21 21792 ----a-w- C:\Windows\SysWow64\authuitu.dll
2013-02-15 18:46:02 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013
2013-02-14 10:07:24 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-13 17:48:20 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 17:48:20 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 12:10:31 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 12:10:31 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 12:10:30 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 12:10:24 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 12:10:23 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 12:10:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 12:10:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 12:10:23 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 12:10:23 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 12:10:22 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 12:10:21 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 12:10:21 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-12 18:20:37 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2013-02-12 18:20:01 -------- d-----w- C:\Windows\PCHEALTH
2013-02-12 18:20:01 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-02-12 18:16:37 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-12 18:15:55 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-02-12 11:06:52 91264 ----a-w- C:\Windows\SysWow64\EasyHook32.dll
2013-02-09 18:24:19 -------- d-----w- C:\wordpress
2013-02-09 14:29:12 -------- d-----w- C:\Program Files (x86)\Total Video Converter
2013-02-05 17:16:34 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-02-05 17:08:50 -------- d-----w- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
2013-02-05 17:08:32 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2013-02-05 17:08:21 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-02-05 17:08:21 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-02-03 14:04:34 -------- d-----w- C:\Users\user\AppData\Roaming\ESET
2013-02-03 14:04:34 -------- d-----w- C:\Users\user\AppData\Local\ESET
2013-02-03 14:01:45 -------- d-----w- C:\Program Files\ESET
2013-02-02 19:33:57 -------- d-----w- C:\Program Files\Defraggler
2013-02-02 19:30:32 -------- d-----w- C:\Users\user\AppData\Roaming\TuneUp Software
2013-02-02 19:29:42 -------- d-----w- C:\ProgramData\TuneUp Software
2013-02-02 19:29:31 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-02-01 13:13:54 -------- d-----w- C:\Program Files (x86)\ESET
2013-02-01 12:48:39 -------- d-----w- C:\Program Files (x86)\Skillbrains
2013-02-01 12:48:37 -------- d-----w- C:\Users\user\AppData\Local\Skillbrains
2013-01-30 22:34:56 -------- d-----w- C:\Users\user\AppData\Roaming\PDAppFlex
2013-01-30 17:12:10 -------- d-----w- C:\Users\user\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-01-29 20:18:13 -------- d-----w- C:\ProgramData\OUTLAWS
2013-01-28 18:53:20 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-01-25 00:21:35 -------- d-----w- C:\Users\user\workspace
2013-01-24 17:34:50 -------- d-----w- C:\Users\user\.projrs06
2013-01-24 16:58:36 23552 ----a-w- C:\FreeTheWadsGUI.exe
2013-01-24 16:48:33 868352 ----a-w- C:\cygcrypto-0.9.8.dll
2013-01-24 16:48:33 1873396 ----a-w- C:\cygwin1.dll
2013-01-24 16:48:33 13894 ----a-w- C:\freethewads.exe
2013-01-21 19:07:47 -------- d-----w- C:\Users\user\ZarporCache
2013-01-21 18:26:25 -------- d-----w- C:\Program Files (x86)\HMA! Pro VPN
2013-01-21 12:14:59 -------- d-----w- C:\Users\user\SilGar
2013-01-21 12:05:24 -------- d-----w- C:\Users\user\.ultimatescape
.
==================== Find3M ====================
.
2013-02-17 21:46:02 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-02-17 21:46:02 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-03 10:01:35 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-01-03 10:01:35 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-12-21 13:09:28 57904 ----a-w- C:\Windows\System32\drivers\epfwwfp.sys
2012-12-21 13:09:24 59440 ----a-w- C:\Windows\System32\drivers\EpfwLWF.sys
2012-12-21 13:09:24 190232 ----a-w- C:\Windows\System32\drivers\epfw.sys
2012-12-21 13:08:54 150616 ----a-w- C:\Windows\System32\drivers\ehdrv.sys
2012-12-21 13:08:18 213416 ----a-w- C:\Windows\System32\drivers\eamonm.sys
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-14 16:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-14 14:39:15 959976 ----a-w- C:\Windows\System32\deployJava1.dll
2012-12-14 14:39:15 1081320 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-12-12 17:38:14 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2012-12-09 09:51:20 126944 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-12-03 15:47:14 9271352 ----a-w- C:\Windows\System32\nvcuda.dll
2012-12-01 05:49:25 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-12-01 05:49:25 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-12-01 05:49:24 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-12-01 05:48:41 6223208 ----a-w- C:\Windows\System32\nvcpl.dll
2012-12-01 05:48:37 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-11-30 22:43:52 438632 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
.
============= FINISH: 11:57:06.68 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/12/2012 5:13:56 PM
System Uptime: 2/20/2013 11:06:40 AM (0 hours ago)
.
Motherboard: Acer | | WMCP78M
Processor: AMD Phenom(tm) 9650 Quad-Core Processor | Socket AM2 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 290 GiB total, 53.651 GiB free.
D: is FIXED (NTFS) - 287 GiB total, 236.284 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP128: 2/14/2013 10:27:51 AM - Installed TuneUp Utilities 2013
RP129: 2/14/2013 11:27:44 AM - Installed Java 7 Update 13
RP130: 2/15/2013 6:39:44 PM - Removed TuneUp Utilities 2013
RP131: 2/15/2013 6:40:15 PM - Revo Uninstaller's restore point - TuneUp Utilities 2013
RP132: 2/15/2013 6:40:36 PM - Removed TuneUp Utilities 2013
RP133: 2/15/2013 6:43:09 PM - Removed TuneUp Utilities Language Pack (en-US)
RP134: 2/15/2013 6:45:45 PM - Installed TuneUp Utilities 2013
RP135: 2/17/2013 1:44:41 PM - Removed Java 7 Update 13
RP136: 2/17/2013 3:28:08 PM - Installed DevPro YGO Launcher
RP137: 2/17/2013 7:56:15 PM - Revo Uninstaller's restore point - Download Accelerator Plus (DAP)
RP138: 2/17/2013 9:45:37 PM - Installed Java 7 Update 13
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20
Action Replay Code Manager
Adobe Dreamweaver CS6
Adobe Photoshop CS6
liam5
Active Member
 
Posts: 4
Joined: February 20th, 2013, 7:43 am
Advertisement
Register to Remove

Re: Ihave a virus on my computer but I dont know howto remov

Unread postby deltalima » February 21st, 2013, 6:11 pm

checking your post - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Ihave a virus on my computer but I dont know howto remov

Unread postby deltalima » February 21st, 2013, 6:17 pm

Hi liam5,

Welcome to the forum.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please do not run any scans or make any changes to the system unless I ask you too.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Please Note:
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file and selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Remove P2P Programs

  • I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    µTorrent


  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

  • Click on start
  • Then Run
  • In the open text entry box please copy/paste appwiz.cpl Then click enter.
  • Press the "Remove" or "Change/Remove"...button to uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.


The DDS Attach.txt log that you posted is incomplete.

Please run DDS again and post both logs in full.

CKScanner

  • Please download CKScanner from here to your Desktop.
  • Make sure that CKScanner.exe is on the your Desktop before running the application!
  • Double-click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Next

  • Please download this tool from Microsoft.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

codecheck

  • Please download codecheck from here to your Desktop.
  • Make sure that codecheck.exe is on the your Desktop before running the application!
  • Double-click on codecheck.exe.
  • After a very short time a codecheck.txt icon will appear on your Desktop
  • Double-click on the codecheck.txt icon on your Desktop and copy/paste the contents in your next reply.

Please let me know if the computer is used for business in any way.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Ihave a virus on my computer but I dont know howto remov

Unread postby liam5 » February 21st, 2013, 6:53 pm

Hi, thanks for responding to my topic :). I do not use my computer for any business at all, I am just a home user. I only share my computer with my older brother.
Sorry about the dds logs I thought I posted them in full last time :S. Here are all the logs that you requested. I just realised that my brother has installed some crack software, after reading through the csscanner log. If I remove these cracks, would you still continue to assist me? Many thanks for your help so far dude :).
I removed Utorrent :).


Here are all the logs starting with the dds logs.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: BrowserJavaVersion: 10.13.2
Run by user at 22:46:24 on 2013-02-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3071.1579 [GMT 0:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Users\user\AppData\Local\Skillbrains\lightshot\3.2.0.5\LightShot.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Page = hxxp://search.b1.org/?bsrc=4hixr&chid=c162341
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm
IE: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm
IE: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Turbo Internet: Bookmark this page - C:\Program Files (x86)\Turbo Internet\exts\addFav.html
IE: Turbo Internet: Download this link - C:\Program Files (x86)\Turbo Internet\exts\dl.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{992CA1D5-352F-4FBD-9840-73F786C5B69D} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{E567FE5E-8C6F-4A72-94F9-36A585920C85} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: skype.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-IFEO: skype.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Hosts: 192.168.1.65 blackshades.ru
Hosts: 192.168.1.65 bshades.eu
Hosts: 192.168.1.65 bsbackup.mine.nu
Hosts: 192.168.1.65 blackshades.info
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ih6etmmc.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-12-21 57904]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2013-1-13 25056]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-12-21 213416]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-12-21 59440]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-12-21 1333424]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-10 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-10 682344]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-20 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-20 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-20 168384]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-1-31 2402080]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2013-1-13 1256192]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-10 24176]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys [2012-12-18 29288]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys [2012-12-18 29288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 athrusb;Belkin Wireless LAN USB device driver;C:\Windows\System32\drivers\athrxusb.sys [2008-7-28 1075712]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-15 1255736]
S3 WsAudio_Device;WsAudio_Device;C:\Windows\System32\drivers\VirtualAudio.sys [2013-1-10 31080]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
S4 lxdq_device;lxdq_device;C:\Windows\System32\lxdqcoms.exe -service --> C:\Windows\System32\lxdqcoms.exe -service [?]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-15 3467768]
S4 WSWNDA3100v2;WSWNDA3100v2;C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2013-1-13 303360]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-02-21 22:42:52 -------- d-----w- C:\MGADiagToolOutput
2013-02-21 21:27:28 -------- d-----w- C:\Users\user\AppData\Roaming\uTorrent
2013-02-21 19:44:11 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AE15795-6AB1-4C63-BF11-A2DF4760DB5D}\offreg.dll
2013-02-21 16:03:06 -------- d-----w- C:\Users\user\AppData\Local\Mozilla
2013-02-20 17:19:59 -------- d-----w- C:\VundoFix Backups
2013-02-20 15:27:24 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-02-20 15:27:11 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-02-20 15:27:05 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-02-19 21:27:26 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AE15795-6AB1-4C63-BF11-A2DF4760DB5D}\mpengine.dll
2013-02-17 21:46:16 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-17 15:28:41 -------- d-----w- C:\Users\user\AppData\Roaming\YGOPro
2013-02-17 15:27:42 -------- d-----w- C:\Users\user\AppData\Roaming\DevPro
2013-02-17 15:11:57 -------- d-----w- C:\Users\user\AppData\Roaming\EQATEC Analytics
2013-02-17 15:10:48 -------- d-----w- C:\ProgramData\SpeedBit
2013-02-17 15:10:20 172032 ----a-w- C:\Windows\SysWow64\AniGIF.ocx
2013-02-17 15:09:27 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedBit
2013-02-16 21:36:48 -------- d-----w- C:\Users\user\AppData\Local\Geckofx
2013-02-15 18:46:23 35104 ----a-w- C:\Windows\System32\TURegOpt.exe
2013-02-15 18:46:21 26400 ----a-w- C:\Windows\System32\authuitu.dll
2013-02-15 18:46:21 21792 ----a-w- C:\Windows\SysWow64\authuitu.dll
2013-02-15 18:46:02 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013
2013-02-14 10:07:24 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-13 17:48:20 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 17:48:20 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 12:10:31 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 12:10:31 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 12:10:30 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 12:10:24 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 12:10:23 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 12:10:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 12:10:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 12:10:23 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 12:10:23 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 12:10:22 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 12:10:21 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 12:10:21 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-12 18:20:37 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2013-02-12 18:20:01 -------- d-----w- C:\Windows\PCHEALTH
2013-02-12 18:20:01 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-02-12 18:16:37 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-12 18:15:55 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-02-12 11:06:52 91264 ----a-w- C:\Windows\SysWow64\EasyHook32.dll
2013-02-09 18:24:19 -------- d-----w- C:\wordpress
2013-02-09 14:29:12 -------- d-----w- C:\Program Files (x86)\Total Video Converter
2013-02-05 17:16:34 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-02-05 17:08:50 -------- d-----w- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
2013-02-05 17:08:32 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2013-02-05 17:08:21 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-02-05 17:08:21 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-02-03 14:04:34 -------- d-----w- C:\Users\user\AppData\Roaming\ESET
2013-02-03 14:04:34 -------- d-----w- C:\Users\user\AppData\Local\ESET
2013-02-03 14:01:45 -------- d-----w- C:\Program Files\ESET
2013-02-02 19:33:57 -------- d-----w- C:\Program Files\Defraggler
2013-02-02 19:30:32 -------- d-----w- C:\Users\user\AppData\Roaming\TuneUp Software
2013-02-02 19:29:42 -------- d-----w- C:\ProgramData\TuneUp Software
2013-02-02 19:29:31 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-02-01 13:13:54 -------- d-----w- C:\Program Files (x86)\ESET
2013-02-01 12:48:39 -------- d-----w- C:\Program Files (x86)\Skillbrains
2013-02-01 12:48:37 -------- d-----w- C:\Users\user\AppData\Local\Skillbrains
2013-01-30 22:34:56 -------- d-----w- C:\Users\user\AppData\Roaming\PDAppFlex
2013-01-30 17:12:10 -------- d-----w- C:\Users\user\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-01-29 20:18:13 -------- d-----w- C:\ProgramData\OUTLAWS
2013-01-28 18:53:20 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-01-25 00:21:35 -------- d-----w- C:\Users\user\workspace
2013-01-24 17:34:50 -------- d-----w- C:\Users\user\.projrs06
2013-01-24 16:58:36 23552 ----a-w- C:\FreeTheWadsGUI.exe
2013-01-24 16:48:33 1873396 ----a-w- C:\cygwin1.dll
2013-01-24 16:48:33 13894 ----a-w- C:\freethewads.exe
.
==================== Find3M ====================
.
2013-02-17 21:46:02 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-02-17 21:46:02 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-03 10:01:35 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-01-03 10:01:35 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-12-21 13:09:28 57904 ----a-w- C:\Windows\System32\drivers\epfwwfp.sys
2012-12-21 13:09:24 59440 ----a-w- C:\Windows\System32\drivers\EpfwLWF.sys
2012-12-21 13:09:24 190232 ----a-w- C:\Windows\System32\drivers\epfw.sys
2012-12-21 13:08:54 150616 ----a-w- C:\Windows\System32\drivers\ehdrv.sys
2012-12-21 13:08:18 213416 ----a-w- C:\Windows\System32\drivers\eamonm.sys
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-14 16:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-14 14:39:15 959976 ----a-w- C:\Windows\System32\deployJava1.dll
2012-12-14 14:39:15 1081320 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-12-12 17:38:14 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2012-12-09 09:51:20 126944 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-12-03 15:47:14 9271352 ----a-w- C:\Windows\System32\nvcuda.dll
2012-12-01 05:49:25 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-12-01 05:49:25 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-12-01 05:49:24 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-12-01 05:48:41 6223208 ----a-w- C:\Windows\System32\nvcpl.dll
2012-12-01 05:48:37 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-11-30 22:43:52 438632 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 22:46:36.18 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/12/2012 5:13:56 PM
System Uptime: 2/21/2013 3:22:43 PM (7 hours ago)
.
Motherboard: Acer | | WMCP78M
Processor: AMD Phenom(tm) 9650 Quad-Core Processor | Socket AM2 | 2300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 290 GiB total, 96.708 GiB free.
D: is FIXED (NTFS) - 287 GiB total, 236.284 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP135: 2/17/2013 1:44:41 PM - Removed Java 7 Update 13
RP136: 2/17/2013 3:28:08 PM - Installed DevPro YGO Launcher
RP137: 2/17/2013 7:56:15 PM - Revo Uninstaller's restore point - Download Accelerator Plus (DAP)
RP138: 2/17/2013 9:45:37 PM - Installed Java 7 Update 13
RP139: 2/20/2013 5:01:56 PM - Windows Modules Installer
RP140: 2/20/2013 5:18:39 PM - before v
RP141: 2/20/2013 7:24:04 PM - Revo Uninstaller's restore point - µTorrent
RP142: 2/20/2013 7:24:36 PM - Revo Uninstaller's restore point - µTorrent
.
==== Installed Programs ======================
.
Action Replay Code Manager
Adobe Dreamweaver CS6
Adobe Photoshop CS6
Adobe Reader XI (11.0.01)
Adobe Widget Browser
Amnesia - The Dark Descent
CCleaner
CleanMem
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler
DevPro YGO Launcher
ESET Online Scanner v3
ESET Smart Security
Fallout 3
Fallout 3 - The Garden of Eden Creation Kit
Google Chrome
Google Update Helper
Java Auto Updater
Junk Mail filter update
Lexmark Z2400 Series
lightshot-3.2.0.5
Malwarebytes Anti-Malware version 1.70.0.1100
Mario Kart Wii Code Generator
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 19.0 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NETGEAR WNDA3100v2 wireless USB 2.0 adapter
NVIDIA 3D Vision Controller Driver 310.70
NVIDIA 3D Vision Driver 310.70
NVIDIA Control Panel 310.70
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 310.70
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.11.3
NVIDIA Update Components
PDF Settings CS6
Photo Common
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
SDFormatter
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
ShareX 6.6.1.283
Simple Port Forwarding
Skype™ 6.2
Spotify
Spybot - Search & Destroy
SpywareBlaster 4.6
SUPERAntiSpyware
TeamViewer 8
Total Video Converter 3.71 100812
TuneUp Utilities 2013
TuneUp Utilities Language Pack (en-US)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
2/21/2013 9:35:33 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
2/21/2013 9:34:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TuneUp.UtilitiesSvc with arguments "" in order to run the server: {5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}
2/21/2013 9:34:21 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
2/21/2013 9:31:10 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/21/2013 9:31:10 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2/21/2013 9:31:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/21/2013 9:31:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/21/2013 9:31:01 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache eamonm ehdrv EpfwLWF NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/21/2013 9:31:00 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/20/2013 5:49:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
2/18/2013 10:38:58 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR5.
2/17/2013 7:52:50 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
2/14/2013 1:12:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
.
==== End Of File ===========================

CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\adobe\adobe dreamweaver cs6\configuration\taglibraries\html\keygen.vtm
c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack.snt
c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack01.ogg
c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack02.ogg
c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack03.ogg
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue.mat
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue01.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue01.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue02.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue02.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue03.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue03.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue04.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue04.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue_back.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue_back.mat
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown.mat
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown01.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown01.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown02.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown02.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown03.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown03.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown04.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown04.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown_back.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown_back.mat
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_nrm.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_spec.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
c:\users\user\desktop\usb\removewat by sunsmide.blogspot.in.exe
c:\users\user\downloads\mri5.7.0.5.16.12cracked.iso
c:\users\user\downloads\removewat by sunsmide.blogspot.in.exe
c:\users\user\downloads\adobe dreamweaver cs6 crack .dll files\patch\readme or despair (at installing this).txt
c:\users\user\downloads\adobe dreamweaver cs6 crack .dll files\patch\32bit\amtlib.dll
c:\users\user\downloads\adobe dreamweaver cs6 crack .dll files\patch\64bit\amtlib.dll
c:\users\user\downloads\adobe photoshop cs6 extended crack .dll files\patch\readme or despair (at installing this).txt
c:\users\user\downloads\adobe photoshop cs6 extended crack .dll files\patch\32bit\amtlib.dll
c:\users\user\downloads\adobe photoshop cs6 extended crack .dll files\patch\64bit\amtlib.dll
c:\users\user\downloads\skyrim dawnguard dlc\skidrow crack.url
scanner sequence 3.ZZ.11.WGAPCR
----- EOF -----

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0x8004FE22
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-WJ2H8-R6B6D-7QJB7
Windows Product Key Hash: ckKNc+BBPDWmo1LUlOkraNjlQ34=
Windows Product ID: 00359-OEM-8992687-00006
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {20FE8936-9E32-4CB5-BE24-7BDCFF3E7BC2}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130104-1431
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\Windows\system32\sppcomapi.dll[Hr = 0x80070005]
File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
File Mismatch: C:\Windows\system32\en-US\user32.dll.mui[6.1.7601.17514], Hr = 0x800b0100

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{20FE8936-9E32-4CB5-BE24-7BDCFF3E7BC2}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-7QJB7</PKey><PID>00359-OEM-8992687-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-442550471-1765484414-2884495992</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Aspire X3200</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>R01-B0</Version><SMBIOSVersion major="2" minor="5"/><Date>20090303000000.000000+000</Date></BIOS><HWID>10763C07018400F2</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800006-02-1033-7601.0000-3472012
Installation ID: 021020657061991445775913283872948741665495527094651981
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 7QJB7
License Status: Notification
Notification Reason: 0xC004F063.
Remaining Windows rearm count: 3
Trusted time: 2/21/2013 10:41:47 PM

Windows Activation Technologies-->
HrOffline: 0x8004FE22
HrOnline: N/A
HealthStatus: 0x0000000000002000
Event Time Stamp: 2:19:2013 17:36
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui


HWID Data-->
HWID Hash Current: PgAAAAEAAwABAAIAAAAHAAAAAgABAAEAeqigcvjj7hKWkgB1ghsmtiimgjKct9QjphiojRKp0gw2fmMy1sc=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x0
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ACRSYS ACRPRDCT
FACP ACRSYS ACRPRDCT
HPET ACRSYS ACRPRDCT
MCFG ACRSYS ACRPRDCT
SSDT PTLTD POWERNOW
SLIC ACRSYS ACRPRDCT


Codecheck Version 1.0

02021
liam5
Active Member
 
Posts: 4
Joined: February 20th, 2013, 7:43 am

Re: Ihave a virus on my computer but I dont know howto remov

Unread postby deltalima » February 21st, 2013, 7:14 pm

Unlicensed software

There are clear signs in the logs that you have software installed for which you do not have a valid license.

Our forum policy Here says we will not help people who use cracked or pirated software.

This topic will now be closed.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 280 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware