
Infected, possible siref



Hello,

 

P2P/Piracy Warning:

 

 

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

There is evidence of illegal software on your system, remove all traces of that software then run the following and post logs...

 

Download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important - Save it to your desktop.

Double-click CKScanner.exe (right-click and "Run as administrator" in Vista/Win7).

Give permission if necessary, and click Search For Files.

After a very short time, when the cursor hourglass disappears, click Save List To File.

A message box will verify the file saved. Please run the program once only.

Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

 

Next,

 

Run the MGA Diagnostic Tool and post back the report it creates:

 

  • Download MGADiag from here: http://go.microsoft.com/fwlink/?linkid=52012 and save it to your desktop.

  • Double-click on MGADiag.exe to launch the program

  • Click "Continue"

  • Ensure that the "Windows" tab is selected (it should be by default).

  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.

  • Paste the MGA Diagnostic Report back here in your next reply.

 

 

Thank you,

 

Kevin


Ran both.  Below are the results from the CKScanner and the results from the MGADiag are pasted after:

 

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\hp games\bejeweled 2 deluxe\wtmui_de\sounds\firecrackle.ogg
c:\program files (x86)\hp games\bejeweled 2 deluxe\wtmui_default\sounds\firecrackle.ogg
c:\program files (x86)\hp games\bejeweled 2 deluxe\wtmui_es\sounds\firecrackle.ogg
c:\program files (x86)\hp games\bejeweled 2 deluxe\wtmui_fr\sounds\firecrackle.ogg
c:\program files (x86)\hp games\bejeweled 2 deluxe\wtmui_it\sounds\firecrackle.ogg
c:\program files (x86)\hp games\bejeweled 2 deluxe\wtmui_zh-cn\sounds\firecrackle.ogg
c:\program files (x86)\hp games\bejeweled 2 deluxe\wtmui_zh-hk\sounds\firecrackle.ogg
c:\users\jim\desktop\downloads\dvdnextcopybr\keygen.rar
c:\users\jim\downloads\dvdfab platinum v9.0.3.8   crack [chattchitto rg].exe
c:\users\jim\downloads\windows.vista.home.premium.x86.32bit.dell-oem.-activation.crack.torrent
c:\users\jim\downloads\[kat.ph]adobe.photoshop.cs5.extended.crack (1).torrent
c:\users\jim\downloads\[kat.ph]adobe.photoshop.cs5.extended.crack.instructions.torrent
c:\users\jim\downloads\[kat.ph]adobe.photoshop.cs5.extended.crack.torrent
c:\users\jim\downloads\[kat.ph]anydvd.anydvd.hd.7.1.5.0.final.incl.crack.torrent
c:\users\jim\downloads\[kat.ph]anydvd.anydvd.hd.v7.1.8.0.final.crack.chattchitto.rg.torrent
c:\users\jim\downloads\[kat.ph]dvdfab.9.0.2.8.final.cracked.exe.chvl.chingliu.torrent
c:\users\jim\downloads\[kat.ph]dvdfab.platinum.v9.0.3.8.crack.chattchitto.rg.torrent
c:\users\jim\downloads\[kat.ph]slysoft.anydvd.anydvd.hd.7.1.4.0.incl.crack.tordigger.torrent
c:\users\jim\downloads\adobe photoshop cs5 extended\crack\adbe_crack - 32bit.rar
c:\users\jim\downloads\adobe photoshop cs5 extended\crack\adbe_crack - 64bit.rar
c:\users\jim\downloads\adobe photoshop cs5 extended\crack\apcs5 - crack read me.txt
c:\users\jim\downloads\adobe photoshop cs5 extended\crack\adbe_crack - 32bit\amtlib.dll
c:\users\jim\downloads\adobe photoshop cs5 extended\crack\adbe_crack - 64bit\amtlib.dll
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\anydvd & anydvd hd 7.1.5.0 final.rar
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\install notes.txt
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\the rain.txt
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\torrent download from www.digtorrent.org.txt
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\torrent downloaded from extratorrent.com.txt
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\torrent downloaded from kat.ph.txt
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\torrent downloaded from silvertorrent.org.txt
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\torrent downloaded from therain torrents on btscene.eu.txt
c:\users\jim\downloads\anydvd & anydvd hd 7.1.5.0 final incl crack @ only by the rain {hkrg}\tracked_by_h33t_com.txt
c:\users\jim\downloads\anydvd & anydvd hd v7.1.8.0 final + crack [chattchitto rg]\anydvd & anydvd hd v7.1.8.0 final + crack [chattchitto rg].exe
c:\users\jim\downloads\anydvd & anydvd hd v7.1.8.0 final + crack [chattchitto rg]\chattchitto rg.nfo
c:\users\jim\downloads\anydvd & anydvd hd v7.1.8.0 final + crack [chattchitto rg]\chattchitto rg.url
c:\users\jim\downloads\dvdfab 9.0.2.8 final (cracked exe chvl) [chingliu]\chingliu.install.notes.nfo
c:\users\jim\downloads\dvdfab 9.0.2.8 final (cracked exe chvl) [chingliu]\dvdfab9028.exe
c:\users\jim\downloads\dvdfab 9.0.2.8 final (cracked exe chvl) [chingliu]\how to open nfo files.txt
c:\users\jim\downloads\dvdfab 9.0.2.8 final (cracked exe chvl) [chingliu]\dvdfab 9.0.2.8-cracked exe\chvl.nfo
c:\users\jim\downloads\dvdfab 9.0.2.8 final (cracked exe chvl) [chingliu]\dvdfab 9.0.2.8-cracked exe\dvdfab.exe
c:\users\jim\downloads\dvdfab platinum v9.0.3.8 + crack [chattchitto rg]\chattchitto rg.nfo
c:\users\jim\downloads\dvdfab platinum v9.0.3.8 + crack [chattchitto rg]\chattchitto rg.url
c:\users\jim\downloads\dvdfab platinum v9.0.3.8 + crack [chattchitto rg]\dvdfab platinum v9.0.3.8 + crack [chattchitto rg].exe
c:\users\jim\downloads\finale 2011\finale 2011 keygen - copy.dmg
c:\users\jim\downloads\finale 2011\finale 2011 keygen.dmg
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\readme!.txt
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\setupanydvd7140.exe
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\torrent downloaded from tordigger torrents at 1337x.org.txt
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\torrent downloaded from tordigger torrents at btscene.org.txt
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\torrent downloaded from tordigger torrents at divxhunt.tk.txt
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\torrent downloaded from tordigger torrents at h33t.com.txt
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\torrent downloaded from tordigger torrents at kat.ph.txt
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\torrent downloaded from tordigger torrents at pp2pdl.com.txt
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\torrent downloaded from tordigger torrents at thepiratebay.se.txt
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\crack\elbycdio.dll
c:\users\jim\downloads\slysoft anydvd & anydvd hd 7.1.4.0 incl crack [tordigger]\crack\readme.txt
c:\users\jim\downloads\windows.vista.home.premium.x86.32bit.dell oem.+activation.crack\vista_home_premium_x86_bootable_dell_oem_32bit.iso
c:\users\jim\downloads\windows.vista.home.premium.x86.32bit.dell oem.+activation.crack\~bittorrentpartfile_b5a46bd9.dat
c:\windows\kmsemulator.exe
c:\windows\autokms\autokms.exe
scanner sequence 3.ZZ.11.VFAPTZ
 ----- EOF -----
 

 

 

Below are the results from the MGA Diag:

 

 

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-73CQT-WMF7J-3Q6C9
Windows Product Key Hash: KaFG+RmurcM3ZxzWyfEP9WtPUJw=
Windows Product ID: 00359-OEM-8992687-00010
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {1D111AFE-275B-43EC-B020-031F7AD13C6B}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130828-1532
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{1D111AFE-275B-43EC-B020-031F7AD13C6B}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3Q6C9</PKey><PID>00359-OEM-8992687-00010</PID><PIDType>2</PIDType><SID>S-1-5-21-1696247125-1059125549-3842389576</SID><SYSTEM><Manufacturer>HP-Pavilion</Manufacturer><Model>NY645AA-ABA MS213</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies LTD</Manufacturer><Version>V5.11 </Version><SMBIOSVersion major="2" minor="5"/><Date>20090828000000.000000+000</Date></BIOS><HWID>34663707018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Central Standard Time(GMT-06:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-CPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows® 7, HomePremium edition
Description: Windows Operating System - Windows® 7, OEM_SLP channel
Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00178-926-800010-02-1033-7600.0000-2432009
Installation ID: 013731371212983354848966936711585913511873764356058806
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 3Q6C9
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 1/21/2014 10:01:10 AM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 11:9:2013 03:16
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: KgAAAAEAAQABAAEAAAABAAAAAQABAAEA6GGGhjCR9E6WHOwdsnueIcj0

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
  ACPI Table Name    OEMID Value    OEMTableID Value
  APIC            HPQOEM        SLIC-CPC
  FACP            HPQOEM        SLIC-CPC
  HPET            HPQOEM        SLIC-CPC
  MCFG            HPQOEM        SLIC-CPC
  SSDT            HPQOEM        SLIC-CPC
  SLIC            HPQOEM        SLIC-CPC

 

This topic is now closed to further replies.