Giant Blue Anteater

  1. Upon reading that people affected with the same problem as I am have fixed this problem by changing their proxy settings, I have fixed this problem myself and I request this thread to be closed.
  2. After restarting my computer after scanning using Malwarebytes, my browsers won't work! Both Internet Explorer and Firefox won't work! Firefox is giving me: What should I do? If I'm able to, I will post the logfile sometime later.
  3. Running great my friend! I am no longer being redirected, I am not getting a blue screen from running programs! Thank you for your assistance!
  4. YES! It worked without a problem! The logfile is attached to my post. mbam_log_2010_02_22__21_34_16_.txt
  5. ComboFix Log #2:
  6. Combofix has detected a rootkit! Here it is: The ComboFix and HijackThis logs will be posted here in a minute...
  7. Alright, I'll do that again. It's also giving me a blue screen when I ran Adobe Flash CS4 Professional. It seems to me that the computer bluescreens every time I run a memory-demanding program (Malwarebytes included), because whatever I'm infected with might be taking up much of the system's memory. As well, I keep getting redirected whenever I click a search engine result. I should have mentioned that earlier.
  8. Combofix Log:
  9. Being new here, I posted a thread in the General Malwarebytes' Anti-Malware Forum requesting assistance about a problem I am having with Malwarebytes. I was then directed to this thread by Buttons. I uninstalled Malwarebytes yet again, then reinstalled it, and then ran a quick scan. Even that gave me a blue screen. Here's the technical information the blue screens offered me: ***STOP: 0x00000024 (0x001902FE, 0xB3D8682C, 0xB3D86528, 0xB8209A3E) Buttons told me that I might still be infected, which is true because every time I click a Google search result it redirects me to some site. What can I do to solve this blue screen problem?
  10. And here is the technical information: ***STOP: 0x00000024 (0x001902FE, 0xB3D8682C, 0xB3D86528, 0xB8209A3E)
  11. Hello everybody. My computer on Sunday was infected by nasty Trojans as well as a rogue software known as "Your PC Protector". I immediately downloaded Malwarebytes. I ran a scan, but foolishly stopped it early, thinking that it captured all the known infections. The next startup, I ran the program again to run an uninterrupted scan, only to get a blue screen of death. Out of all the bluescreens, I think only one displayed the cause of system failure, which was "PAGE_FAULT_IN_NONPAGED_AREA". After all this trouble, I have taken to removing Your PC Protector manually (and did so successfully), but I am still left with more problems that SpyBot Search and Destroy did not pick up, which I will assume Malwarebytes does. I uninstalled Malwarebytes and then reinstalled it, tried running it again, and was faced with another blue screen. Can anybody tell me what's the problem here? If you need the technical information (the numbers beneath the message on the blue screen), I'll post it here in a few...