fullup

  1. Here are logs per instructions:

     Malwarebytes' Anti-Malware 1.44
     Database version: 3510
     Windows 5.1.2600 Service Pack 2
     Internet Explorer 6.0.2900.2180

     2/10/2010 8:00:34 PM
     mbam-log-2010-02-10 (20-00-34).txt

     Scan type: Quick Scan
     Objects scanned: 179957
     Time elapsed: 10 minute(s), 5 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     (No malicious items detected)

     DDS (Ver_09-12-01.01) - FAT32x86
     Run by Mike at 19:33:29.18 on Wed 02/10/2010
     Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_07
     Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.991.722 [GMT -8:00]

     FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

     ============== Running Processes ===============

     C:\WINDOWS\system32\svchost -k DcomLaunch
     SVCHOST.EXE
     C:\WINDOWS\System32\svchost.exe -k netsvcs
     SVCHOST.EXE
     SVCHOST.EXE
     C:\WINDOWS\system32\spoolsv.exe
     SVCHOST.EXE
     C:\WINDOWS\system32\svchost.exe -k imgsvc
     C:\WINDOWS\system32\VTTimer.exe
     C:\Program Files\QuickTime\qttask.exe
     C:\WINDOWS\SOUNDMAN.EXE
     C:\Program Files\Messenger\msmsgs.exe
     E:\Program Files\WinZip\WZQKPICK.EXE
     C:\WINDOWS\system32\wscntfy.exe
     C:\WINDOWS\System32\svchost.exe -k HTTPFilter
     C:\WINDOWS\explorer.exe
     C:\Program Files\internet explorer\iexplore.exe
     C:\Documents and Settings\Mike.WICKHAMONE\Local Settings\Temporary Internet Files\Content.IE5\8J4ZIB61\dds[1].scr

     ============== Pseudo HJT Report ===============

     mSearch Bar = hxxp://www.google.com/ie
     BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
     BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
     BHO: WsftpBrowserHelper Class: {601ed020-fb6c-11d3-87d8-0050da59922b} - c:\program files\ws_ftp pro\wsbho2k0.dll
     BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
     BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
     TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
     TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
     uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
     uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
     uRun: [gmusyucp] c:\documents and settings\mike.wickhamone\local settings\application data\uakpsw\lewpsftav.exe
     mRun: [VTTimer] VTTimer.exe
     mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
     mRun: [soundMan] SOUNDMAN.EXE
     mRun: [gmusyucp] c:\documents and settings\mike.wickhamone\local settings\application data\uakpsw\lewpsftav.exe
     StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - e:\program files\winzip\WZQKPICK.EXE
     IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
     IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
     IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
     IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
     DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156183759359
     DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
     DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
     DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
     DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
     DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
     SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

     ============= SERVICES / DRIVERS ===============

     R2 BsUDFRDR;BsUDFRDR;c:\windows\system32\drivers\bsudfrdr.sys [2006-2-7 259096]
     R3 NeroCd2k;NeroCd2k;c:\windows\system32\drivers\NeroCD2k.sys [2001-4-16 44227]
     S0 vkquwexg;vkquwexg;c:\windows\system32\drivers\combo-fix.sys --> c:\windows\system32\drivers\Combo-Fix.sys [?]
     S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-6 135664]
     S3 S3chipid;S3chipid;\??\c:\docume~1\mike~1.wic\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\s3chipid.sys --> c:\docume~1\mike~1.wic\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\S3chipid.sys [?]
     S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2006-8-22 392824]
     S4 BsUDF;BsUDF;c:\windows\system32\drivers\bsudf.sys [2006-2-7 291785]

     =============== Created Last 30 ================

     2010-02-11 03:32:21 0 ----a-w- c:\documents and settings\mike.wickhamone\defogger_reenable
     2010-02-11 00:13:22 0 d-sh--w- C:\FOUND.000
     2010-02-10 00:55:43 0 d--h--w- c:\windows\PIF
     2010-02-04 00:01:14 0 d-sh--w- C:\FOUND.043

     ==================== Find3M ====================

     2010-01-08 00:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
     2010-01-08 00:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
     2009-12-31 16:14:12 352640 ----a-w- c:\windows\system32\drivers\srv.sys
     2009-12-31 16:14:12 352640 ----a-w- c:\windows\system32\dllcache\srv.sys
     2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\mspaint.exe
     2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\dllcache\mspaint.exe
     2009-12-16 12:57:08 18432 ----a-w- c:\windows\system32\dllcache\iedw.exe
     2009-12-14 07:35:36 33280 ----a-w- c:\windows\system32\dllcache\csrsrv.dll
     2009-12-14 07:35:36 33280 ----a-w- c:\windows\system32\csrsrv.dll
     2009-12-08 18:55:26 2180352 ----a-w- c:\windows\system32\ntoskrnl.exe
     2009-12-08 18:55:26 2180352 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
     2009-12-08 18:53:08 2136064 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
     2009-12-08 18:19:32 2057728 ----a-w- c:\windows\system32\ntkrnlpa.exe
     2009-12-08 18:19:32 2057728 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
     2009-12-08 18:19:32 2015744 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
     2009-12-08 09:13:52 474112 ----a-w- c:\windows\system32\dllcache\shlwapi.dll
     2009-12-04 14:41:56 453760 ------w- c:\windows\system32\dllcache\mrxsmb.sys
     2009-11-27 17:33:36 17920 ----a-w- c:\windows\system32\msyuv.dll
     2009-11-27 17:33:36 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
     2009-11-27 17:33:36 1291264 ----a-w- c:\windows\system32\quartz.dll
     2009-11-27 17:33:36 1291264 ----a-w- c:\windows\system32\dllcache\quartz.dll
     2009-11-27 16:37:28 8704 ----a-w- c:\windows\system32\tsbyuv.dll
     2009-11-27 16:37:28 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll
     2009-11-27 16:37:28 84992 ----a-w- c:\windows\system32\dllcache\avifil32.dll
     2009-11-27 16:37:28 84992 ----a-w- c:\windows\system32\avifil32.dll
     2009-11-27 16:37:28 48128 ----a-w- c:\windows\system32\iyuv_32.dll
     2009-11-27 16:37:28 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll
     2009-11-27 16:37:28 28672 ----a-w- c:\windows\system32\msvidc32.dll
     2009-11-27 16:37:28 28672 ----a-w- c:\windows\system32\dllcache\msvidc32.dll
     2009-11-27 16:37:28 11264 ----a-w- c:\windows\system32\msrle32.dll
     2009-11-27 16:37:28 11264 ----a-w- c:\windows\system32\dllcache\msrle32.dll
     2009-11-21 16:36:14 470528 ----a-w- c:\windows\system32\dllcache\aclayers.dll
     2006-02-19 01:28:18 774144 ----a-w- c:\program files\RngInterstitial.dll
     2006-01-01 22:29:38 271 --sh--w- c:\program files\desktop.ini
     2006-01-01 22:29:38 23357 ---h--w- c:\program files\folder.htt

     ============= FINISH: 19:34:09.07 ===============
  2. Trying to use rkill but it kills my desktop, just leaves screensaver on. How can I get around that?
  3. Mbam asked me to report an error: 732(12029,0). I hope this helps... me especially. Having trouble with, I think it's, Is2010. Mbam ran all night but never finished (16 hrs); it can't get thru mozilla cache.trash, which reports 212gb on a 70gb drive.