Jump to content

BettyinSB

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

Reputation

0 Neutral

Profile Information

  • Location
    SB
  1. BettyinSB
    Okay. I am pretty frustrated. I have tried to run all kinds of things that were supposed to fix my problem but did not. Here are my logs. I have run several scans and I keep getting the same result. I did run something that told me the globalroot thing that is bad is a locked file. Please forgive my ultra high-tech terminology. I am more cute than CPU savvy. Malwarebytes' Anti-Malware 1.39 Database version: 2499 Windows 5.1.2600 Service Pack 3 7/26/2009 7:48:19 AM mbam-log-2009-07-26 (07-48-19).txt Scan type: Quick Scan Objects scanned: 4176 Time elapsed: 18 second(s) Memory Processes Infected: 0 Memory Modules Infected: 1 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: \\?\globalroot\systemroot\system32\geyekrikxbpotp.dll (Trojan.TDSS) -> Delete on reboot. Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: \\?\globalroot\systemroot\system32\geyekrikxbpotp.dll (Trojan.TDSS) -> Quarantined and deleted successfully. ************************************************ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:14:01 PM, on 7/26/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Common Files\Virtual Token\vtserver.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\SKDAEMON.EXE C:\IBMTOOLS\UTILS\ibmprc.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Symantec\Ghost\ngtray.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PeoplePC\ISP6500\Browser\Bartshel.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Symantec\Ghost\ngctw32.exe C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe c:\program files\lenovo\system update\suservice.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\PROGRA~1\PeoplePC\ISP6500\Browser\PPShared.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://*.mcafee.com O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatieControl Object) - http://zone.msn.com/bingame/choc/default/C...eb.1.0.0.15.cab O16 - DPF: {226ACC34-3194-70E2-5AE7-864FCFE9E80D} (CPlayFirstmsiControl Object) - http://zone.msn.com/bingame/mosi/default/msi.1.0.0.9.cab O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/bingame/rtlw/default/R...bGameLoader.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5483.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/amun/default/mjolauncher.cab O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://zone.msn.com/bingame/burg/default/G...esPlayer_v6.cab O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://zone.msn.com/bingame/fotg/default/ddfotg.1.0.0.37.cab O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab O16 - DPF: {E9B80D94-D8BC-43DE-9138-75605A8D9666} (CPlayFirstWeddingDasControl Object) - http://zone.msn.com/bingame/wedd/default/W...sh.1.0.0.50.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F507868A-D0A4-435F-8604-7239A6401992}: NameServer = 207.217.126.81,207.217.126.82 O23 - Service: Dr.Web Scanning Engine (DrWebEngine) (DrWebEngine) - Doctor Web, Ltd. - C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Symantec Ghost Client Agent (NGCLIENT) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: SpIDer Guard for Windows (SPIDERNT) - Unknown owner - C:\PROGRA~1\DrWeb\spidernt.exe (file missing) O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe O23 - Service: Protector Suite Virtual Token (vtserver) - UPEK Inc. - C:\Program Files\Common Files\Virtual Token\vtserver.exe -- End of file - 11085 bytes ********************* Okay... so any suggestions as to how to fix?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.