Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Can't remove iLivid

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Can't remove iLivid

Unread postby noospy » June 16th, 2013, 12:51 pm

Hi everyone. I fear my family PC isn't clean. We have 3 accounts: mine (admin), my mother's and my father's. On my mother's account I found the iLivid icon on the desktop along with another icon called "Play more games". I'm not sure of what iLivid does but I don't trust it. She might have downloaded and installed it by clicking on a false "download button". I tried my best to remove it, using my AV (Avast free) and installing Malwarebytes and CCleaner, but they couldn't identify it. I know where the files are located but I want to be sure I completely remove it.
I also have to tell you that some months ago my dad's account has been infected by the Ukash virus (or similar to), which I managed to remove but, I fear, not completely. I still get an error message every time my dad's account is loaded.
So I'd like to first remove iLivid and then be sure this PC is clean for every account. Can you help me? Thanks a lot.

Dario

Here is my DDS log: DDS.txt
Code: Select all
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16611  BrowserJavaVersion: 10.21.2
Run by Dario at 18:48:51 on 2013-06-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.39.1040.18.4078.2035 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\AsHookDevice.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\WinService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [ASUS Easy Update] C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Dario\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Dario\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&sporta in Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 62.101.93.101 83.103.25.250
TCP: Interfaces\{02963402-706B-4D6E-8A39-CDB8B2ECAF1A} : DHCPNameServer = 62.101.93.101 83.103.25.250
TCP: Interfaces\{14940159-B917-44E1-8832-B5F347BFD0D0} : DHCPNameServer = 62.101.93.101 83.103.25.250
TCP: Interfaces\{14940159-B917-44E1-8832-B5F347BFD0D0}\14962705F62747 : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{14940159-B917-44E1-8832-B5F347BFD0D0}\46C696E6B6 : DHCPNameServer = 78.46.86.74 212.117.175.185
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\System32\drivers\AiChargerPlus.sys [2011-12-5 14464]
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-12-5 36448]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-17 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-17 189936]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2012-3-31 25312]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-5-13 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-5-13 378432]
R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2012-9-19 57976]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-12-5 922240]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2011-12-5 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-12-5 586880]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-5-13 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-5-13 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-28 46808]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2011-12-5 203392]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2011-12-5 32544]
R2 SCM_Service;SCM_Service;C:\Windows\SysWOW64\WinService.exe [2012-3-31 186848]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-8-17 379496]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-5 2656280]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-22 129000]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-22 394216]
R3 EMVSCARD;EMVSCARD;C:\Windows\System32\drivers\EMVSCARD.sys [2006-12-13 28544]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-3-31 36328]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-9-19 102368]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-12-5 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-14 1492840]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-5 317440]
S3 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2011-11-22 293416]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-11-22 1488448]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-11-22 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-11-22 181248]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\System32\drivers\wg111v2.sys [2012-3-31 450048]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-12-5 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2011-12-5 29472]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-3-31 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-3-31 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-3-31 177640]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-9-19 203104]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-12-5 48416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2011-12-5 29472]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-2 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-06-16 15:06:50	--------	d-----w-	C:\Program Files\CCleaner
2013-06-16 14:49:40	--------	d-----w-	C:\Users\Dario\AppData\Roaming\Malwarebytes
2013-06-16 14:49:32	--------	d-----w-	C:\ProgramData\Malwarebytes
2013-06-16 14:49:31	25928	----a-w-	C:\Windows\System32\drivers\mbam.sys
2013-06-16 14:49:30	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-16 10:14:51	--------	d-----w-	C:\Program Files (x86)\InfoCert
2013-06-14 21:17:30	9460464	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{320A29A8-58B3-4AB5-B06C-394D5CDFB28A}\mpengine.dll
2013-06-13 22:57:00	701952	----a-w-	C:\Program Files\Internet Explorer\ieproxy.dll
2013-06-13 22:57:00	356352	----a-w-	C:\Program Files\Internet Explorer\IEShims.dll
2013-06-13 22:57:00	2706432	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2013-06-13 22:57:00	2706432	----a-w-	C:\Windows\System32\mshtml.tlb
2013-06-13 22:57:00	257536	----a-w-	C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-06-13 21:43:11	1910632	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2013-06-13 21:43:08	751104	----a-w-	C:\Windows\System32\win32spl.dll
2013-06-13 21:43:08	492544	----a-w-	C:\Windows\SysWow64\win32spl.dll
2013-06-13 21:43:04	30720	----a-w-	C:\Windows\System32\cryptdlg.dll
2013-06-13 21:43:04	24576	----a-w-	C:\Windows\SysWow64\cryptdlg.dll
2013-06-13 21:43:02	1424384	----a-w-	C:\Windows\System32\WindowsCodecs.dll
2013-06-13 21:43:01	1230336	----a-w-	C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-13 21:42:59	1192448	----a-w-	C:\Windows\System32\certutil.exe
2013-06-13 21:42:58	903168	----a-w-	C:\Windows\SysWow64\certutil.exe
2013-06-13 21:42:58	52224	----a-w-	C:\Windows\System32\certenc.dll
2013-06-13 21:42:58	43008	----a-w-	C:\Windows\SysWow64\certenc.dll
2013-06-13 21:42:58	184320	----a-w-	C:\Windows\System32\cryptsvc.dll
2013-06-13 21:42:58	1464320	----a-w-	C:\Windows\System32\crypt32.dll
2013-06-13 21:42:58	140288	----a-w-	C:\Windows\SysWow64\cryptsvc.dll
2013-06-13 21:42:58	139776	----a-w-	C:\Windows\System32\cryptnet.dll
2013-06-13 21:42:58	1160192	----a-w-	C:\Windows\SysWow64\crypt32.dll
2013-06-13 21:42:58	103936	----a-w-	C:\Windows\SysWow64\cryptnet.dll
2013-06-13 21:42:50	1887232	----a-w-	C:\Windows\System32\d3d11.dll
2013-06-13 21:42:50	1505280	----a-w-	C:\Windows\SysWow64\d3d11.dll
2013-06-03 21:40:14	--------	d-----w-	C:\ProgramData\Freemake
2013-06-03 21:39:58	--------	d-----w-	C:\Program Files (x86)\Freemake
2013-06-03 21:39:08	--------	d-----w-	C:\Users\Dario\AppData\Local\Programs
2013-05-30 11:23:24	--------	d-----w-	C:\Python27
2013-05-30 10:36:17	--------	d-----w-	C:\Users\Dario\.idlerc
2013-05-29 17:58:38	--------	d-----w-	C:\Users\Dario\AppData\Roaming\Arduino
2013-05-26 12:23:23	--------	d-----w-	C:\Users\Dario\AppData\Roaming\uTorrent
2013-05-18 17:09:27	983400	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-18 17:09:26	265064	----a-w-	C:\Windows\System32\drivers\dxgmms1.sys
2013-05-18 17:09:26	144384	----a-w-	C:\Windows\System32\cdd.dll
2013-05-18 17:09:14	1930752	----a-w-	C:\Windows\System32\authui.dll
2013-05-18 17:09:12	1796096	----a-w-	C:\Windows\SysWow64\authui.dll
2013-05-18 17:09:12	111448	----a-w-	C:\Windows\System32\consent.exe
2013-05-18 17:09:03	70144	----a-w-	C:\Windows\System32\appinfo.dll
2013-05-18 17:08:51	48640	----a-w-	C:\Windows\System32\wwanprotdim.dll
2013-05-18 17:08:51	230400	----a-w-	C:\Windows\System32\wwansvc.dll
2013-05-18 17:08:50	3153920	----a-w-	C:\Windows\System32\win32k.sys
.
==================== Find3M  ====================
.
2013-05-29 17:47:58	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-29 17:47:58	692104	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-17 01:25:57	1767936	----a-w-	C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27	2877440	----a-w-	C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26	61440	----a-w-	C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26	109056	----a-w-	C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03	2241024	----a-w-	C:\Windows\System32\wininet.dll
2013-05-17 00:58:10	3958784	----a-w-	C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08	67072	----a-w-	C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08	136704	----a-w-	C:\Windows\System32\iesysprep.dll
2013-05-15 20:44:26	3003392	----a-w-	C:\Windows\System32\python27.dll
2013-05-14 12:23:25	89600	----a-w-	C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13	71680	----a-w-	C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-05-09 18:38:51	9728	---ha-w-	C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-09 08:59:07	72016	----a-w-	C:\Windows\System32\drivers\aswRdr2.sys
2013-05-09 08:59:07	65336	----a-w-	C:\Windows\System32\drivers\aswRvrt.sys
2013-05-09 08:59:07	189936	----a-w-	C:\Windows\System32\drivers\aswVmm.sys
2013-05-09 08:59:07	1025808	----a-w-	C:\Windows\System32\drivers\aswSnx.sys
2013-05-09 08:59:06	80816	----a-w-	C:\Windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:58:37	41664	----a-w-	C:\Windows\avastSS.scr
2013-05-02 00:06:08	278800	------w-	C:\Windows\System32\MpSigStub.exe
2013-04-28 14:40:59	95648	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-28 14:40:58	866720	----a-w-	C:\Windows\SysWow64\npDeployJava1.dll
2013-04-28 14:40:58	788896	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2013-04-13 05:49:23	135168	----a-w-	C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19	350208	----a-w-	C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19	308736	----a-w-	C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19	111104	----a-w-	C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16	474624	----a-w-	C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15	2176512	----a-w-	C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08	1656680	----a-w-	C:\Windows\System32\drivers\ntfs.sys
2013-03-19 06:04:06	5550424	----a-w-	C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56	43520	----a-w-	C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13	3968856	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10	3913560	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50	6656	----a-w-	C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33	112640	----a-w-	C:\Windows\System32\smss.exe
.
============= FINISH: 18:49:06,72 ===============

Attach.txt
Code: Select all
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 31/03/2012 15:17:30
System Uptime: 16/06/2013 16:58:38 (2 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. |  | CM6630_CM6730_CM6830.
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz | LGA1155 | 1590/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 279 GiB total, 220,627 GiB free.
D: is FIXED (NTFS) - 405 GiB total, 290,75 GiB free.
E: is CDROM ()
F: is Removable
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP150: 29/05/2013 19:56:15 - Installazione pacchetto driver di dispositivo: Arduino LLC (www.arduino.cc) Porte (COM e LPT)
RP151: 29/05/2013 21:20:56 - Installazione pacchetto driver di dispositivo: PJRC.COM, LLC. Porte (COM e LPT)
RP152: 30/05/2013 12:27:11 - Installed Python 3.3.2 (64-bit)
RP153: 30/05/2013 13:21:29 - Removed Python 3.3.2 (64-bit)
RP154: 30/05/2013 13:23:09 - Installed Python 2.7.5
RP155: 30/05/2013 14:20:00 - Removed Python 2.7.5
RP156: 30/05/2013 14:21:48 - Installed Python 2.7.5 (64-bit)
RP157: 03/06/2013 19:47:53 - Removed Xirrus Wi-Fi Inspector.
RP158: 05/06/2013 22:33:21 - Windows Update
RP159: 13/06/2013 23:42:47 - Windows Update
RP160: 14/06/2013 00:56:15 - Windows Update
RP161: 16/06/2013 12:04:22 - Installed DiKe Pro 5.4.0.
RP162: 16/06/2013 12:08:23 - Removed DiKe Pro 5.4.0.
RP163: 16/06/2013 12:14:37 - Installed DiKePDF 5.3.1.
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.7) MUI
Advertising Center
AI Manager
AI Suite II
Apple Software Update
ASUS Backup Wizard
ASUS Easy Update
ASUS WebStorage
AsusVibe2.0
µTorrent
avast! Free Antivirus
Bonjour
CCleaner
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DiKePDF 5.3.1
Dropbox
F24 On Line
FileInternet
Freemake Video Converter versione 4.0.1
Galeria de Fotografias do Windows Live
Gerico2012
Google Chrome
Google Earth Plug-in
Google Update Helper
GTA San Andreas
HFSExplorer 0.21
ImagXpress
Intel(R) Management Engine Components
J2SE Runtime Environment 5.0 Update 16
Java 7 Update 21
Java Auto Updater
Java(TM) 6 Update 31
JavaFX 2.1.1
Junk Mail filter update
Malwarebytes Anti-Malware versione 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
Microsoft .NET Framework 4 Client Profile ITA Language Pack
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office a portata di clic 2010
Microsoft Office Access MUI (Italian) 2010
Microsoft Office Excel MUI (Italian) 2010
Microsoft Office Groove MUI (Italian) 2010
Microsoft Office InfoPath MUI (Italian) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Italian) 2010
Microsoft Office Outlook MUI (Italian) 2010
Microsoft Office PowerPoint MUI (Italian) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (Italian) 2010
Microsoft Office Publisher MUI (Italian) 2010
Microsoft Office Shared 64-bit MUI (Italian) 2010
Microsoft Office Shared MUI (Italian) 2010
Microsoft Office Word MUI (Italian) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Modello 730 2012
Modello 730 2013
Mozilla Thunderbird 16.0.1 (x86 it)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
NETGEAR WG111v2 wireless USB 2.0 adapter
NVIDIA Driver 3D Vision 280.35
NVIDIA Driver audio HD 1.2.23.3
NVIDIA Driver grafico 280.35
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Stereoscopic 3D Driver
Pannello di controllo NVIDIA 280.35
Python 2.7.5 (64-bit)
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver
Realtek Ethernet Diagnostic Utility
Realtek High Definition Audio Driver
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Servizi di stampa Bonjour
UnicoOnLine - File Internet 2.6.9
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VirtualCloneDrive
VueScan
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
X-FMC
.
==== End Of File ===========================
noospy
Active Member
 
Posts: 1
Joined: June 16th, 2013, 11:53 am
Advertisement
Register to Remove

Re: Can't remove iLivid

Unread postby askey127 » June 17th, 2013, 5:55 pm

Hi noospy,
Using µTorrent and other file sharing pograms will get your computer infected, BIG TIME.
Some of the infections planted by criminals in the free torrent downloads can turn your machine into a doorstop.

Also, you don't have a license for this:
Microsoft Office Professional Plus 2010
I would suggest Uninstalling it, and Downloading Libre Office and its Help system instead:
http://www.libreoffice.org/download
It will do about everything you want, reads/writes MS Office files, and it's legal.
You should be able to work with all your present documents.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

µTorrent
Java(TM) 6 Update 31
J2SE Runtime Environment 5.0 Update 16

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
-------------------------------------------------------------
AdwCleaner Download
Please download AdwCleaner from HERE and save it to your desktop or somewhere you can find it.
-------------------------------------------------------------
AdwCleaner Removals
  • Close all open programs and internet browsers.
  • Double click to Start AdwCleaner. (Right click and choose "Run as administrator" in Vista/Win7).
  • Click on the Delete button.
  • Click OK to the prompts.
  • Your computer will be rebooted automatically. A log will open after the restart.
  • Post the contents of the log in your next reply.
You can also find the log in the main directory of the C: drive as C:\AdwCleaner[S1].txt

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Can't remove iLivid

Unread postby Cypher » July 15th, 2013, 6:16 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 290 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware