control_tps

Honorary Members
  • Posts

    41

Everything posted by control_tps

  1. Hello, Here is my quick scan after update. All clear, thanks. Malwarebytes' Anti-Malware 1.44 Database version: 3897 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 3/21/2010 5:46:56 PM mbam-log-2010-03-21 (17-46-56).txt Scan type: Quick Scan Objects scanned: 115430 Time elapsed: 3 minute(s), 5 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  2. Thank you. I have searched in Google for words like "malware", "spyware", and "freeantivirus" and I was not redirected to PCtools or Stopzilla. I searched using Firefox and Internet Explorer with the same results, "my search was not redirected."
  3. Bruce thanks for your help. As for now, I
  4. Hello and thank you Bruce. The bold fonts are the ones I'm reporting as false positives. Malwarebytes' Anti-Malware 1.41 Database version: 3244 Windows 5.1.2600 Service Pack 3 11/27/2009 11:40:44 AM mbam-log-2009-11-27 (11-40-44).txt Scan type: Quick Scan Objects scanned: 121283 Time elapsed: 6 minute(s), 51 second(s) Memory Processes Infected: 1 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 3 Memory Processes Infected: C:\Documents and Settings\HP_Administrator\Local Settings\Temp\c.exe (Trojan.Downloader) -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sshnas (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sshnas (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\videohost (Trojan.Downloader) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\HP_Administrator\Local Settings\Temp\c.exe (Trojan.Downloader) -> Delete on reboot. C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sshnas.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. Here is my scan for 11/28/09.
Malwarebytes' Anti-Malware 1.41 Database version: 3249 Windows 5.1.2600 Service Pack 3 11/28/2009 3:18:02 AM mbam-log-2009-11-28 (03-18-02).txt Scan type: Quick Scan Objects scanned: 121392 Time elapsed: 2 minute(s), 42 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  5. Here is my MBAM scan on 11/27/09. I will provide a developer log when asked by the MBAM team. I wanted to delete them, just in case. Malwarebytes' Anti-Malware 1.41 Database version: 3244 Windows 5.1.2600 Service Pack 3 11/27/2009 11:40:44 AM mbam-log-2009-11-27 (11-40-44).txt Scan type: Quick Scan Objects scanned: 121283 Time elapsed: 6 minute(s), 51 second(s) Memory Processes Infected: 1 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 3 Memory Processes Infected: C:\Documents and Settings\HP_Administrator\Local Settings\Temp\c.exe (Trojan.Downloader) -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sshnas (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sshnas (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\videohost (Trojan.Downloader) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\HP_Administrator\Local Settings\Temp\c.exe (Trojan.Downloader) -> Delete on reboot. C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sshnas.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. Here is my scan for 11/28/09.
Malwarebytes' Anti-Malware 1.41 Database version: 3249 Windows 5.1.2600 Service Pack 3 11/28/2009 3:18:02 AM mbam-log-2009-11-28 (03-18-02).txt Scan type: Quick Scan Objects scanned: 121392 Time elapsed: 2 minute(s), 42 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  6. Hello, Please help! I'm receiving this "Host Process for Window Services stopped working and was closed". I'm also getting a Blue Screen and Windows Error Recovery, on and off. Here is my Hijackthis log and MBAM. I have tried everything to fix this, but I cannot. The Norton 360 3V had stopped working; therefore, I took it out and instead downloaded Microsoft Security Essentials (did a quick scan and it said my PC was clean). Thank you very much. MBAM log: Malwarebytes' Anti-Malware 1.41 Database version: 3131 Windows 6.0.6002 Service Pack 2 11/8/2009 8:50:11 PM mbam-log-2009-11-08 (20-50-11).txt Scan type: Quick Scan Objects scanned: 100606 Time elapsed: 5 minute(s), 21 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:44:42 PM, on 11/8/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sandboxie\SbieCtrl.exe C:\Program Files\Secunia\PSI\psi.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Sandboxie\SandboxieRpcSs.exe C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Dwm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Sandboxie\SandboxieCrypto.exe C:\Sandbox\Sony\DefaultBox\drive\C\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IE BHO Utility - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O3 - Toolbar: Adobe PDF - 
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" O4 - HKUS\S-1-5-21-1299043419-2558199667-3876026026-1000\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" (User '?') O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu 
item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {11316B13-33F0-4C9F-BD55-09994CCFA8EB} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll (file missing) O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7716 bytes
  7. Hello, Thank you exile360, Nossirah, and Greenknight for all your help. I was able to restore the files and my scan was clean. B) Malwarebytes' Anti-Malware 1.41 Database version: 3056 Windows 6.0.6002 Service Pack 2 10/29/2009 1:43:28 PM mbam-log-2009-10-29 (13-43-28).txt Scan type: Quick Scan Objects scanned: 99810 Time elapsed: 5 minute(s), 17 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected)
  8. Yes, I understand now, but how do you find this EAL.EXE in my PC? Where do I look for it? Thank you.
  9. I'm sorry Bruce, but can you please provide step-by-step instructions on how to do this, because I can't do it. Maybe, next time I can get it right. Also, did I post the developer log correctly? Thanks for all your help.
  10. Sorry, forgot about the XP PC, here it is. mbam_log_2009_10_27__14_41_41_.zip
  11. Here it is, I hope. mbam_log_2009_10_27__14_12_37_.zip
  12. Here is my Vista PC Full System Scan result with developer log. Malwarebytes' Anti-Malware 1.41 Database version: 3043 Windows 6.0.6002 Service Pack 2 10/27/2009 2:12:37 PM mbam-log-2009-10-27 (14-12-37).txt Scan type: Full Scan (C:\|) Objects scanned: 252149 Time elapsed: 1 hour(s), 25 minute(s), 25 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\epson\PrinterDriverTemp\SCX6000\EAL.EXE (Backdoor.Bot) -> Quarantined and deleted successfully. mbam_log_2009_10_27__14_10_04_.txt
  13. Hello Jacktivity, Thank you. I did not click the "Save Logfile", instead had MBAM delete it. However, a nice picture of "how to create step by step developer log" would be helpful, please. I believe I have figured it out now. I'm in the process of scanning both Vista/XP and will post the developer log. Still, MBAM is awesome and the people are very supportive. About the Notepad: I open my Notepad: Notepad > go to Format > and Word Wrap is not checked. So, this means that the Word Wrap is OFF, because the "check" mark is missing, right? There was no "On or OFF" choice in Notepad pertaining to the Word Wrap. Once again, thank you.
  14. Here it is, I hope it is correct. mbam_log_2009_10_27__12_27_42_.txt
  15. I'm posting this because MBAM found the Backdoor.Bot on my Vista and XP. However, Norton, SAS, Window Defender did not find any Backdoor.Bot. But I had a difficult time posting the developer log for Bruce. Appreciated and thanks for your help, Bruce. Please, can somebody write in detail how to make a developer log for reporting False Positive. I followed the following steps, but I guess I did it incorrectly. 1. Click the Start Menu 2. Click Run 3. Type in mbam.exe / developer, without any quotes. 4. Run the same type of scan you did before and save the logfile and post it. (Confused from here, because how about after the first scan, MBAM had already quarantined or deleted the bad stuff. When the second scan using the developer log steps above, MBAM would find nothing because it was already deleted or quarantined. So, I have to restore what it found and re-scan using the developer log steps, right? And post that, right? In saving the logfile. Can I save it under the Save As, then save in the Desktop, then Upload with the next post. I don't understand how to put something in zip file either. It was very stressful for me yesterday, because of this Backdoor.Bot thing. I hope it was False Positive. Thank you
  16. Here is the zip file. mbam_log_2009_10_26__13_45_12_.zip
  17. I did follow the steps in how to save a log in developer mode. Sorry, I just don't understand how to do it, I guess. mbam_log_2009_10_26__13_45_12_.txt
  18. Here is the new scan with developer log. Malwarebytes' Anti-Malware 1.41 Database version: 3038 Windows 6.0.6002 Service Pack 2 10/26/2009 11:34:24 PM mbam-log-2009-10-26 (23-34-24).txt Scan type: Quick Scan Objects scanned: 99719 Time elapsed: 1 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) mbam_log_2009_10_26__23_34_24_.txt
  19. Please, let me know if I posted the correct developer log, Bruce. I noticed that there was a new update. Here is the scan with the new update. Malwarebytes' Anti-Malware 1.41 Database version: 3038 Windows 6.0.6002 Service Pack 2 10/26/2009 11:25:37 PM mbam-log-2009-10-26 (23-25-37).txt Scan type: Quick Scan Objects scanned: 99722 Time elapsed: 2 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  20. Here is the other log from before. mbam_log_2009_10_26__13_45_12_.txt mbam_log_2009_10_26__16_14_08_.txt
  21. I hope I did this correctly. Malwarebytes' Anti-Malware 1.41 Database version: 3037 Windows 6.0.6002 Service Pack 2 10/26/2009 11:02:12 PM mbam-log-2009-10-26 (23-02-12).txt Scan type: Quick Scan Objects scanned: 99657 Time elapsed: 4 minute(s), 34 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) mbam_log_2009_10_26__23_02_12_.txt
  22. Here is my second Full Scan: Please check this out. Thank you. Malwarebytes' Anti-Malware 1.41 Database version: 3037 Windows 6.0.6002 Service Pack 2 10/26/2009 4:14:08 PM mbam-log-2009-10-26 (16-14-08).txt Scan type: Full Scan (C:\|K:\|) Objects scanned: 275276 Time elapsed: 1 hour(s), 35 minute(s), 53 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\epson\PrinterDriverTemp\SCX6000\EAL.EXE (Backdoor.Bot) -> Quarantined and deleted successfully. C:\Windows\System32\DriverStore\FileRepository\e_df1bia.inf_e6cbc414\EAL.EXE (Backdoor.Bot) -> Quarantined and deleted successfully. mbam_log_2009_10_26__16_14_08_.txt
  23. Here is the first scan on my XP PC: Malwarebytes' Anti-Malware 1.41 Database version: 3037 Windows 5.1.2600 Service Pack 3 10/26/2009 3:29:50 PM mbam-log-2009-10-26 (15-29-50).txt Scan type: Quick Scan Objects scanned: 116806 Time elapsed: 6 minute(s), 22 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\EAL.EXE (Backdoor.Bot) -> Quarantined and deleted successfully. Here is the second scan on my XP PC: Malwarebytes' Anti-Malware 1.41 Database version: 3037 Windows 5.1.2600 Service Pack 3 10/26/2009 3:41:51 PM mbam-log-2009-10-26 (15-41-51).txt Scan type: Quick Scan Objects scanned: 116701 Time elapsed: 6 minute(s), 32 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) mbam_log_2009_10_26__15_41_51_.txt
  24. After the scan MBAM found the following: Malwarebytes' Anti-Malware 1.41 Database version: 3037 Windows 6.0.6002 Service Pack 2 10/26/2009 1:45:12 PM mbam-log-2009-10-26 (13-45-12).txt Scan type: Quick Scan Objects scanned: 99601 Time elapsed: 1 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Windows\System32\EAL.EXE (Backdoor.Bot) -> Quarantined and deleted successfully. mbam_log_2009_10_26__13_45_12_.txt