Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

"Outgoing" virus! Please help!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

"Outgoing" virus! Please help!

Unread postby Palominoz59 » May 5th, 2015, 6:25 pm

A few days ago when I logged onto the internet using Chrome, Malwarebytes Pro blocked this "outgoing" file: ccbidder.tlvmedia.com The most common address is 184.173.133.194 It has used ports 50164 and 50354 that I've noticed. I've run ESET online (no threats detected), Webroot, SuperAntiSpyware and CC Cleaner. Nothing is showing up, nor is anything showing up in my C: search for that particular name :?: . This blocked file pops up continually when I'm on the internet. Please help, I'm afraid I've acquired a virus that is trying to obtain my information and send it back to the internet!

Thank you for your consideration!!!!

Required files are copied below:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17728 BrowserJavaVersion: 10.71.2
Run by User at 17:12:41 on 2015-05-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2005.814 [GMT -5:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\D-Link\DWA-160\ANIWConnService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uProxyServer = 192.168.0.101:80
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [D-Link D-Link Wireless N Dual Band DWA-160 ] C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: dell.com
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{64ED6792-0737-49E9-BABF-E9FF764EB707} : DHCPNameServer = 192.168.254.254
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2015-4-12 56336]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2014-1-17 116736]
R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2015-4-13 15872]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-4-20 107736]
R3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2014-6-6 95344]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2014-6-6 21872]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-17 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-4-20 136408]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-4-20 63704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-17 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2014-1-17 31800]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2014-1-17 16152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-1-17 57856]
S3 wrUrlFlt;Webroot UrlFilter;C:\Windows\System32\drivers\wrUrlFlt.sys [2015-2-26 41040]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2015-05-02 17:35:09 -------- dc----w- C:\Program Files\CCleaner
2015-05-02 16:53:27 -------- dc----w- C:\Program Files (x86)\ESET
2015-05-01 05:19:28 -------- d-----w- C:\Users\User\AppData\Roaming\DikobrazGames
2015-04-29 20:06:30 -------- d-----w- C:\Users\User\AppData\Roaming\Jewels Of The Gods
2015-04-29 20:01:33 -------- dc----w- C:\Program Files (x86)\Microsoft
2015-04-29 19:59:58 411656 ----a-w- C:\Windows\System32\xactengine2_10.dll
2015-04-29 19:59:58 267272 ----a-w- C:\Windows\SysWow64\xactengine2_10.dll
2015-04-29 19:59:57 2006552 ----a-w- C:\Windows\System32\D3DCompiler_36.dll
2015-04-29 19:59:53 21000 ----a-w- C:\Windows\System32\X3DAudio1_2.dll
2015-04-29 19:59:53 17928 ----a-w- C:\Windows\SysWow64\X3DAudio1_2.dll
2015-04-29 18:44:05 508264 ----a-w- C:\Windows\System32\d3dx10_36.dll
2015-04-29 18:44:05 444776 ----a-w- C:\Windows\SysWow64\d3dx10_36.dll
2015-04-29 18:44:05 1374232 ----a-w- C:\Windows\SysWow64\D3DCompiler_36.dll
2015-04-29 18:44:04 5081608 ----a-w- C:\Windows\System32\d3dx9_36.dll
2015-04-29 18:44:04 3734536 ----a-w- C:\Windows\SysWow64\d3dx9_36.dll
2015-04-29 18:44:01 411496 ----a-w- C:\Windows\System32\xactengine2_9.dll
2015-04-29 18:44:01 267112 ----a-w- C:\Windows\SysWow64\xactengine2_9.dll
2015-04-29 18:22:47 -------- d--h--w- C:\Windows\msdownld.tmp
2015-04-29 18:21:15 -------- d-----w- C:\Windows\SysWow64\directx
2015-04-23 16:43:40 -------- dc----w- C:\Program Files\Nitro
2015-04-18 20:13:22 -------- dc----w- C:\Program Files (x86)\The Far Kingdoms - Age of Solitaire
2015-04-15 14:30:39 98304 ----a-w- C:\Windows\System32\wudriver.dll
2015-04-15 14:29:53 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2015-04-15 14:27:29 754688 ----a-w- C:\Windows\System32\drivers\http.sys
2015-04-15 14:22:25 79360 ----a-w- C:\Windows\System32\clfsw32.dll
2015-04-15 14:22:25 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
2015-04-15 14:22:25 367552 ----a-w- C:\Windows\System32\clfs.sys
2015-04-13 19:59:54 302080 ----a-w- C:\Windows\lwd.exe
2015-04-13 19:57:56 327008 ----a-w- C:\Windows\System32\RaCoInstx.dll
2015-04-13 19:57:56 1660480 ----a-w- C:\Windows\System32\drivers\Dnetr28ux.sys
2015-04-13 19:57:56 15872 ----a-w- C:\Windows\System32\drivers\anodlwfx.sys
2015-04-13 19:57:55 -------- dc----w- C:\Program Files (x86)\D-Link
2015-04-13 01:42:06 -------- d-----w- C:\Users\User\AppData\Roaming\PDAppFlex
2015-04-13 01:41:31 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2015-04-13 01:28:40 56336 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2015-04-13 01:28:40 11376 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2015-04-13 01:28:40 10864 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2015-04-13 01:27:40 -------- dc----w- C:\Program Files (x86)\Common Files\Sonic Shared
2015-04-13 01:27:38 -------- dc----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2015-04-08 00:49:38 -------- d-----w- C:\Users\User\AppData\Roaming\java
2015-04-07 21:57:04 -------- d-----w- C:\Users\User\AppData\Roaming\Radialpoint
2015-04-07 21:57:04 -------- d-----w- C:\ProgramData\Triage
.
==================== Find3M ====================
.
2015-05-05 20:52:10 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-04-14 14:37:56 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-04-14 14:37:46 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-04-14 14:37:42 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-04-08 13:01:45 166128 ----a-w- C:\Windows\SysWow64\WRusr.dll
2015-04-08 13:01:45 116736 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2015-04-08 13:01:45 103816 ----a-w- C:\Windows\System32\WRusr.dll
2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll
2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll
2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
2015-03-25 03:00:57 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-03-23 03:25:15 726528 ----a-w- C:\Windows\System32\generaltel.dll
2015-03-23 03:25:01 769536 ----a-w- C:\Windows\System32\invagent.dll
2015-03-23 03:24:56 419840 ----a-w- C:\Windows\System32\devinv.dll
2015-03-23 03:24:54 957952 ----a-w- C:\Windows\System32\appraiser.dll
2015-03-23 03:24:53 30720 ----a-w- C:\Windows\System32\acmigration.dll
2015-03-23 03:24:53 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-03-23 03:24:53 192000 ----a-w- C:\Windows\System32\aepic.dll
2015-03-23 03:17:39 1111552 ----a-w- C:\Windows\System32\aeinv.dll
2015-03-17 05:22:37 5557696 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-03-17 05:22:35 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-03-17 05:22:35 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-03-17 05:19:37 1727904 ----a-w- C:\Windows\System32\ntdll.dll
2015-03-17 05:17:00 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-03-17 05:17:00 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-03-17 05:17:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-03-17 05:15:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-03-17 05:15:44 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-03-17 05:15:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-03-17 05:13:29 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-03-17 05:13:17 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-03-17 05:01:09 3976632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-03-17 05:01:09 3920824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-03-17 04:59:26 1309696 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-03-17 04:57:25 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-03-17 04:57:21 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-03-17 04:57:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-03-17 04:57:17 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-03-17 04:57:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-03-17 04:57:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2015-03-17 04:57:12 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-03-17 04:57:11 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-03-17 04:57:07 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-03-17 04:56:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-03-17 04:56:56 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2015-03-17 04:56:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-03-17 04:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-03-17 04:56:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-03-17 04:56:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-03-17 04:56:00 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-03-17 04:53:35 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-03-17 04:53:13 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-03-17 03:45:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-03-17 03:45:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-03-17 03:43:04 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-17 03:43:04 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-17 03:43:04 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-03-17 03:43:03 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec
2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll
2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-03-13 03:32:48 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec
2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll
2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-03-10 03:21:42 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2015-03-10 03:08:26 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2015-03-10 03:05:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2015-03-07 16:55:44 129752 ----a-w- C:\Windows\System32\drivers\404F1356.sys
2015-03-05 05:12:33 404480 ----a-w- C:\Windows\System32\gdi32.dll
2015-03-05 04:05:06 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2015-02-26 22:09:06 41040 ----atw- C:\Windows\System32\drivers\wrUrlFlt.sys
2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
2015-02-20 04:41:01 41984 ----a-w- C:\Windows\System32\lpk.dll
.
============= FINISH: 17:16:06.22 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/19/2013 1:44:05 PM
System Uptime: 5/5/2015 3:50:58 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0R092H
Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz | CPU | 1995/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 62.723 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_8086&DEV_29B4&SUBSYS_02111028&REV_02\3&172E68DD&0&18
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_8086&DEV_29B4&SUBSYS_02111028&REV_02\3&172E68DD&0&18
Service:
.
Class GUID:
Description: PCI Serial Port
Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_02111028&REV_02\3&172E68DD&0&1B
Manufacturer:
Name: PCI Serial Port
PNP Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_02111028&REV_02\3&172E68DD&0&1B
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
10 Talismans
Adobe AIR
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Photoshop Elements 11
Adobe Reader XI (11.0.10)
Adobe Shockwave Player 12.1
Apple Application Support
Apple Software Update
aTube Catcher
aTube Catcher version 3.8
Belarc Advisor 8.4
Big Fish: Game Manager
Brother MFL-Pro Suite MFC-J470DW
Call Of Atlantis
CCleaner
CCScore
Check Printer Home Edition 5.7
Cradle of Rome 2
CyberLink Power2Go
D-Link DWA-160
Dell System Detect
Elements 11 Organizer
ESET Online Scanner v3
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
fflink
Google Chrome
Google Update Helper
Heartwild Solitaire: Book Two
Heroes of Hellas 2: Olympia
Heroes of Hellas 3: Athens
Imperial Island 2: The Search for New Land
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections 19.0.27.0
Java 7 Update 71
Java 8 Update 25 (64-bit)
Java Auto Updater
Jewel Quest The Sleepless Star
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
KSU
Label Factory Deluxe 3.0
LG CyberLink LabelPrint
LG CyberLink Media Suite
LG CyberLink PowerBackup
LG ODD Auto Firmware Update
LightScribe 1.4.136.1
Lost in Reefs
Magic DVD Copier V8.2.0
Mahjongg Dimensions Deluxe
Malwarebytes Anti-Malware version 2.1.6.1022
Microsoft .NET Framework 4.5.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
MyDriveConnect 3.3.0.1342
Mythic Mahjong
netbrdg
Notifier
Nuance PaperPort 12
Nuance PDF Viewer Plus
OfotoXMI
PaperPort Image Printer 64-bit
Picasa 3
Pogo Games
PSE11 STI Installer
QuickTime 7
Revo Uninstaller Pro 3.1.2
Scansoft PDF Professional
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition
SFR
SHASTA
Sierra Utilities
SKIN0001
SKINXSDK
Solitaire Mystery Four Seasons
staticcr
SUPERAntiSpyware
swMSM
System Requirements Lab for Intel
Talismans Of Atlantis
The Chronicles of Emerland Solitaire
The Far Kingdoms: Age of Solitaire
The Far Kingdoms: Winter Solitaire
The Path of Hercules
The Rise Of Atlantis
TomTom HOME
TomTom HOME Visual Studio Merge Modules
tooltips
Tri-Peaks 2: Quest for the Ruby Ring
Tri-Peaks Solitaire To Go
Trial of the Gods: Ariadne's Journey
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2965207) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Visual Studio C++ 10.0 Runtime
VPRINTOL
Webroot SecureAnywhere
Windows 7 USB/DVD Download Tool
WIRELESS
.
==== End Of File ===========================
Palominoz59
Active Member
 
Posts: 2
Joined: May 5th, 2015, 6:06 pm
Advertisement
Register to Remove

Re: "Outgoing" virus! Please help!

Unread postby pgmigg » May 7th, 2015, 11:26 am

Hello Palominoz59,

Warning! License issue with Microsoft Office Enterprise 2007
The Microsoft Office Enterprise 2007 is not sold to individual home computer users and hence is not generally legal on a home computer.

Per our policy concerning illegally licensed software, I can offer you no further assistance as long as you have Microsoft Office Enterprise 2007 installed.

I strongly recommend that you uninstall Microsoft Office Enterprise 2007 however that choice is up to you.
  • If you choose NOT to remove this program, please indicate that in your next reply and ignore the remaining steps.
  • If you choose to remove this program then perform the following steps:
    1. Click on Start, then click the Start Search box on the Start Menu.
    2. Copy and paste the value below into the open text entry box:
      (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
      Code: Select all
       appwiz.cpl 
      and press Enter - the Unistall or change a program list will be opened.
    3. Right-click the MS Office Enterprise 2007 entry, choose Uninstall/Change and give permission to Continue.
  • Reboot (restart) your computer.

Step 1.
MGA Diagnostics
I need you to run a tool which will aid in determining what additional steps we'll need to perform.
  1. Please download this tool from Microsoft and save it to your Desktop.
  2. Right click on MGADiag.exe and select "Run As Administrator..." to run it.
  3. Click "Run" again and then click "Continue".
  4. The program will run. It takes a while to finish the diagnosis, please be patient.
  5. Once done, click on Copy.
  6. Open Notepad and paste the contents in. Save this file and post it in your next reply.

Step 2.
Run CKScanner
  1. Please download CKScanner from Here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Step 3.
TSG - SysInfo utility
  1. Please download SysInfo utility and save it to your Desktop.
  2. Right click on SysInfo.exe, select "Run As Administrator..." to run it... if UAC prompts, please allow it.
  3. Right click, select copy and then paste in your next post.

Then:
Please tell me is this computer used for business purposes and connected to a business or educational network?
I need to know it - so I can provide the proper instructions.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Your decision about Microsoft Office Enterprise 2007
  3. Contents of a log created by MGADiag.exe
  4. Contents of CKFiles.txt log file
  5. Contents of SysInfo scan
  6. Answers to my question related to type of using of your computer

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: "Outgoing" virus! Please help!

Unread postby Palominoz59 » May 7th, 2015, 4:52 pm

Thank you so much for all your help. I had no issues with the instructions. This is a personal computer.

Enterprise 2007 has been removed.

Please find below the requested files:

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-GJY49-VJBQ7-HYRR2
Windows Product Key Hash: W5/6nm6F2UPXrCkY5xUhXb/+21g=
Windows Product ID: 00426-OEM-8992662-00006
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {A2A41446-0967-4D05-854A-37786F3A2736}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.150316-1654
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{A2A41446-0967-4D05-854A-37786F3A2736}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-HYRR2</PKey><PID>00426-OEM-8992662-00006</PID><PIDType>2</PIDType><SID>S-1-5-21-332787635-1230790301-3217831208</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>OptiPlex 755 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A11</Version><SMBIOSVersion major="2" minor="5"/><Date>20080804000000.000000+000</Date></BIOS><HWID>C2BE3607018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>WN09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Ultimate edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600006-02-1033-7601.0000-0302014
Installation ID: 006101365845553704169082563914654134815745527681801655
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: HYRR2
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 5/7/2015 3:47:13 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 3:17:2015 20:38
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: PAAAAAIABgABAAIAAAABAAAAAwABAAEAJJRqqCci0bhk/oj9ynSSLtCHKK9qIWrmIr3aueP9XP8/liqF

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC DELL B9K
FACP DELL B9K
HPET DELL B9K
BOOT DELL B9K
MCFG DELL B9K
SSDT DELL st_ex
ASF! DELL B9K
____ DELL B9K
SLIC DELL WN09

-------------------------------------------------------------------------------------------------------------------
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\user\documents\misc\computer misc\keygens\keys to upgrade to ultimate 7.docx
c:\users\user\documents\misc\computer misc\keygens\m'bytes pro key and usernames.docx
c:\users\user\documents\misc\computer misc\keygens\magic dvd copier numbers.docx
c:\users\user\documents\misc\computer misc\keygens\office 2013 pro plus keycodes.docx
c:\users\user\documents\misc\computer misc\keygens\software keycodes.docx
c:\users\user\documents\misc\computer misc\keygens\webroot keycodes.docx
scanner sequence 3.BD.11.ENNAVZ
----- EOF -----

-------------------------------------------------------------------------------------------------------------------

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz, Intel64 Family 6 Model 15 Stepping 13
Processor Count: 2
RAM: 2004 Mb
Graphics Card: Intel(R) Q35 Express Chipset Family, 256 Mb
Hard Drives: C: Total - 152524 MB, Free - 69962 MB;
Motherboard: Dell Inc., 0R092H
Antivirus: Webroot SecureAnywhere, Updated and Enabled
Palominoz59
Active Member
 
Posts: 2
Joined: May 5th, 2015, 6:06 pm

Re: "Outgoing" virus! Please help!

Unread postby NonSuch » May 8th, 2015, 1:46 am

Your topic has been closed for one or more of the following reasons:

  1. Use of cracked, illegal or pirated software.
  2. Use of cracked, illegal or pirated versions of Windows.
  3. Use of outdated or unpatched versions of Windows.
  4. Posting for help for a business use computer.
  5. Posting in multiple malware removal forums for the same computer issue.

This topic is now closed.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 344 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware