Jump to content

Pops55

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hello, Maleware Bytes will install and run for, sometimes, up to 6 secs and then the app goes away. When I try to rerun by clicking on icon I get this "Windows cannot access the specified device, path, or file. You may not have permisios to access the item." Would appreciate your assistance, thanks in advance.
  2. Unable to start Malwarebytes Anti-Malware, the attached files are as you requested, I couldn't upload the GMER file. Thanks. GMER 1.0.15.15020 [b2ddm2yd[1].exe] - http://www.gmer.net Rootkit scan 2009-08-09 12:10:40 Windows 5.1.2600 Service Pack 3 ---- System - GMER 1.0.15 ---- Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0xAA1D64EA] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateKey [0xAA1D6581] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcess [0xAA1D6498] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcessEx [0xAA1D64AC] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwDeleteKey [0xAA1D6595] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xAA1D65C1] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateKey [0xAA1D662F] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateValueKey [0xAA1D6619] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xAA1D652A] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwNotifyChangeKey [0xAA1D665B] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenKey [0xAA1D656D] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0xAA1D6470] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0xAA1D6484] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0xAA1D64FE] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryKey [0xAA1D6697] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryMultipleValueKey [0xAA1D6603] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryValueKey [0xAA1D65ED] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRenameKey [0xAA1D65AB] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwReplaceKey [0xAA1D6683] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRestoreKey [0xAA1D666F] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0xAA1D64D6] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0xAA1D64C2] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetValueKey [0xAA1D65D7] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwTerminateProcess [0xAA1D6559] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnloadKey [0xAA1D6645] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xAA1D6540] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0xAA1D6514] Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) AttachedDevice \Driver\Tcpip \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Tcpip \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.) AttachedDevice \Driver\Tcpip \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.) AttachedDevice \Driver\Tcpip \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.) Device \FileSystem\Fastfat \Fat A880CD20 AttachedDevice \FileSystem\Fastfat \Fat mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ---- Processes - GMER 1.0.15 ---- Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\Program Files\Windows Media Player\WMPNetwk.exe [280] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\Program Files\Bonjour\mDNSResponder.exe [668] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [936] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\WINDOWS\system32\svchost.exe [1268] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1308] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\WINDOWS\system32\svchost.exe [1352] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\Program Files\McAfee\MPF\MPFSrv.exe [1368] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\WINDOWS\system32\svchost.exe [1476] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\WINDOWS\system32\LEXPPS.EXE [1808] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\WINDOWS\system32\spoolsv.exe [1816] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\WINDOWS\System32\alg.exe [2392] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [2604] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [2616] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [3056] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [3296] 0x35670000 Library \\?\globalroot\Device\__max++>\25B79FD2.x86.dll (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [4004] 0x35670000 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000 ---- EOF - GMER 1.0.15 ---- DDS1.txt Attach.txt DDS1.txt Attach.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.