Sachin Naik

Members
  • Posts

    17

Everything posted by Sachin Naik

  1. 1 year back I was infected by some viruts, because of which I formatted only my C drive, and later I had no problems. But just now I have observed that my Windows displays a message, Data Execution Prevention, in which Windows blocks the execution of some program. I was only running 3 scans on my PC at that time and suddenly this message got displayed, so till now this message has appeared thrice but I don
  2. I am using the latest MBAM, which has got IP Protection in it. Whenever I go to any websites like YouTube, Google, and even if I don't do anything (while I am connected to the internet), my MBAM automatically keeps blocking an IP address 64.135.77.30 after every 40-50 seconds. Now is it that someone has an eye on my computer and is trying to connect secretly to my PC, or is it simply a common tracking cookie IP like doubleclick.net? If my MBAM detects the same IP one or two times it's OK, but the problem is that it keeps on blocking this IP all the time; 7 days have passed, no other IP is blocked
  3. Do other software like AVG, Avira, Avast provide incremental updates?
  4. Imagine if I do not update my MBAM for one month and I try to update it the next month, i.e. after 30 days; could you please tell me what its approximate update size could be? Actually I am asking this question because I have to plan how much internet I should use, as I am always worried about my internet charges
  5. Oops, I downloaded MBAM 1.39 from a separate location and installed it; it did not detect anything. Looks like whenever there is a new version of MBAM available I have to manually download the pack from some site rather than clicking the update button, because of the error
  6. Oh no, again I cannot update MBAM. Actually this problem always happens when there is a newer version of MBAM available: it pops up an error 732 (0,0) with the message to contact the MBAM team for support. I tried downloading the MBAM 1.39 installation package from the MBAM site also; the downloading begins and just pauses at 1% and remains like that, so I have an updating problem only when a newer version of MBAM is available, not otherwise
  7. Since it's not a malware-related issue I will ignore the problem, so you are free to close the topic. Anyway, thanks a lot
  8. the first method did not work
  9. Actually I had already posted the MBAM log file in my old message, I think you missed it; well, this is the fresh log. As I have already mentioned, I don't have any problems with MBAM updating, but the only problem I face is that I cannot start MBAM protection with Windows because this causes a start-up problem, so I have to manually start it. The other software I use is ThreatFire latest and AVG Free latest version, but is this a malware issue? I don't think so, but still no guarantee

     Malwarebytes' Anti-Malware 1.38
     Database version: 2379
     Windows 5.1.2600 Service Pack 2

     06-Jul-09 02:21:34 PM
     mbam-log-2009-07-06 (14-21-34).txt

     Scan type: Full Scan (C:\|D:\|E:\|F:\|)
     Objects scanned: 115475
     Time elapsed: 41 minute(s), 56 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)
  10. Actually it's raining heavily here, my PC may get a power surge, so I need to wait for around 3 days, then I will post back
  11. Still I am able to update my MBAM without any problems, but I don't know why you told me in the last topic that I am infected, i.e. here http://www.malwarebytes.org/forums/index.p...amp;#entry93392 as I don't have any problems presently. I mean, don't you think it could be the server problem? Or still (malware).......
  12. Presently I don't have any MBAM update problems, as I have updated it twice today successfully, but yes the one particular setting of MBAM
  13. I don't have any other problem rather than the problem which I have mentioned above. Please note: I have first run a MBAM scan, then ComboFix scan and then HijackThis. Please help me

      Malwarebytes' Anti-Malware 1.38
      Database version: 2340
      Windows 5.1.2600 Service Pack 2

      27-Jun-09 11:40:28 AM
      mbam-log-2009-06-27 (11-40-28).txt

      Scan type: Full Scan (C:\|D:\|E:\|F:\|)
      Objects scanned: 127326
      Time elapsed: 46 minute(s), 33 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0

      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-05-28 08:25 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\IEPro\\MiniDM.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [18-May-09 11:52 AM 51984] R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [18-May-09 11:52 AM 46864] R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [03-Jun-09 10:17 AM 21144] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [28-May-09 11:51 AM 325896] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [28-May-09 11:51 AM 108552] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23-Mar-09 02:07 PM 9968] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23-Mar-09 02:07 PM 72944] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [28-May-09 01:54 PM 908568] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [28-May-09 01:54 PM 298776] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [18-May-09 07:35 PM 195856] R2 ThreatFire;ThreatFire;c:\program files\ThreatFire\TFService.exe service --> c:\program files\ThreatFire\TFService.exe service [?] 
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [18-May-09 07:35 PM 19096] R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23-Mar-09 02:07 PM 7408] R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [18-May-09 11:52 AM 33552] --- Other Services/Drivers In Memory --- *Deregistered* - mchInjDrv . Contents of the 'Scheduled Tasks' folder . . ------- Supplementary Scan ------- . uLocal Page = \blank.htm uStart Page = about:blank IE: &WordWeb... - c:\windows\wweb32.dll/lookup.html IE: Crawler Search - tbr:iemenu IE: Download with Star Downloader - f:\download\Star Downloader\sdie.htm IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Sachin Naik\Application Data\Mozilla\Firefox\Profiles\t6tu1aay.default\ FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-27 12:18 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . 
--------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(728) c:\program files\SUPERAntiSpyware\SASWINLO.dll c:\program files\ThreatFire\TFWAH.dll c:\program files\ThreatFire\TFNI.dll c:\program files\ThreatFire\TFMon.dll c:\program files\ThreatFire\TFRK.dll - - - - - - - > 'lsass.exe'(784) c:\program files\ThreatFire\TFWAH.dll - - - - - - - > 'explorer.exe'(456) c:\program files\ThreatFire\TFWAH.dll . Completion time: 2009-06-27 12:22 ComboFix-quarantined-files.txt 2009-06-27 06:52 Pre-Run: 14,214,832,128 bytes free Post-Run: 14,506,696,704 bytes free 242 _______________________________________________-- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:28:27 PM, on 27-Jun-09 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ThreatFire\TFTray.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\VTTimer.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Billeo\billeo.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\MSI\SecureDoc\Logon.exe C:\Program Files\WordWeb\wweb32.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\ThreatFire\TFService.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Malwarebytes' 
Anti-Malware\mbamgui.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Billeo - {465E08E7-F005-4389-980F-1D8764B3486C} - C:\Program Files\Billeo\billeo.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file) O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - F:\Download\STARDO~1\SDIEInt.dll O3 - Toolbar: Billeo - {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - C:\Program Files\Billeo\billeo.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ThreatFire] C:\Program 
Files\ThreatFire\TFTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe O4 - Global Startup: Billeo.lnk = C:\Program Files\Billeo\billeo.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: SecureDoc.lnk = C:\Program Files\MSI\SecureDoc\Logon.exe O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: Download with Star Downloader - F:\Download\Star Downloader\sdie.htm O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Billeo - {97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - C:\Program Files\Billeo\billeo.dll (HKCU) O12 - Plugin for .spop: C:\Program 
Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1242710893437 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe -- End of file - 6702 bytes
  14. OK, for 1 week I was trying to update my MBAM but it used to fail. Finally, yesterday night I just updated it and, thank god, it got updated to the latest version, 1.38 (I did not use that link which you gave, as I could update it, thank you). Presently I am running a scan using it; let's see if it finds anything.

      The next problem is that whenever I start my MBAM along with Windows by ticking the option "start with windows", I always have startup problems. The entire screen gets stuck in such a way that I have to force my PC to shut down, and the only option left to overcome this problem is to untick the option "start with windows"; then I don't have a single problem with startup. But please note that this used to happen every time from when I purchased the key, as I could control that option "start with windows".

      The other software I use is ThreatFire and AVG Free.

      Now, overall, what I would like to ask you is: does MBAM have any special functionality by which it can scan for threats on startup, such that it's compulsory to start MBAM protection along with Windows?
  15. I cannot update my MBAM 1.37. When I click on update, my MBAM of course connects to malwarebytes.org and starts updating, but when the update goes up to 36kb it gets interrupted, and I get an error message like this