Biskit

  1. I followed your instructions. Malwarebytes updated to the latest database successfully. The ESET symbol in the task bar was red, and when I opened the program it says "The personal firewall is disabled most likely due to its installation being corrupted. We recommend that you reinstall ESET Smart Security as soon as possible". I'm able to connect to the internet, and so far there have been no outgoing alerts.
  2. Ha ha! It just happened again with the outgoing alert, malicious website.
  3. Thanks for the welcome and such a quick reply. As it happens, since yesterday I haven't had a single alert!! I was getting alerts all the time, something about contacting malicious websites, type: outgoing... and my DVD-ROM was always making noises as if it was searching for a disc, or would open by itself. Also my fan would be on high speed quite often, even if I only had a web page open. After I ran all the software as advised on this site yesterday, it's all stopped...
  4. Hi all, hope you're enjoying the festive period wherever you may be. I'm having problems with multiple outgoing alerts in Malwarebytes. I've tried to follow the instructions as best I can and most of it seemed to go ok, but defogger never rebooted my pc. Here is the info I've been advised to post. I'd just like to say thanks in advance for anybody taking their time to help me. If I've missed anything, just let me know.

     Malwarebytes' Anti-Malware 1.50.1.1100
     www.malwarebytes.org

     Database version: 5396

     Windows 5.1.2600 Service Pack 3
     Internet Explorer 8.0.6001.18702

     26/12/2010 13:29:16
     mbam-log-2010-12-26 (13-29-16).txt

     Scan type: Quick scan
     Objects scanned: 133642
     Time elapsed: 5 minute(s), 17 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     (No malicious items detected)

     DDS (Ver_10-12-12.02) - NTFSx86
     Run by Brian at 13:33:57.82 on 26/12/2010
     Internet Explorer: 8.0.6001.18702
     Microsoft Windows XP Professional 5.1.2600.3.1258.44.1033.18.1015.195 [GMT 7:00]

     AV: ESET Smart Security 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
     FW: ESET Personal firewall *Enabled*

     ============== Running Processes ===============

     C:\WINDOWS\system32\svchost -k DcomLaunch
     svchost.exe
     C:\WINDOWS\System32\svchost.exe -k netsvcs
     C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
     svchost.exe
     svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
     C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
     C:\Program Files\ActivIdentity\ActivClient Mini\accrdsub.exe
     C:\Program Files\Analog Devices\Core\smax4pnp.exe
     C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
     C:\WINDOWS\system32\igfxtray.exe
     C:\WINDOWS\system32\igfxpers.exe
     C:\Program Files\ESET\ESET Smart Security\egui.exe
     C:\WINDOWS\system32\igfxsrvc.exe
     C:\Program Files\ActivIdentity\ActivClient Mini\acevents.exe
     C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
     C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     C:\Program Files\Windows Live\Messenger\msnmsgr.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     svchost.exe
     C:\Program Files\ActivIdentity\ActivClient Mini\acachsrv.exe
     C:\Program Files\ActivIdentity\ActivClient Mini\accoca.exe
     C:\Program Files\ESET\ESET Smart Security\ekrn.exe
     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
     C:\Program Files\Macrium\Reflect\ReflectService.exe
     C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
     C:\WINDOWS\system32\svchost.exe -k imgsvc
     C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
     C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
     C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\Program Files\Mozilla Firefox\plugin-container.exe
     C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
     C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
     C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
     C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
     C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
     C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
     C:\Program Files\uTorrent\uTorrent.exe
     C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
     C:\Documents and Settings\Brian\Desktop\dds.scr

     ============== Pseudo HJT Report ===============

     uStart Page = about:blank
     BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
     BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
     BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
     BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
     BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
     BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
     BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
     BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
     BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
     BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
     BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
     BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
     BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
     TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
     TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
     TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
     uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
     uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
     uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
     mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
     mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
     mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start
     mRun: [<NO NAME>]
     mRun: [accrdsub] "c:\program files\actividentity\activclient mini\accrdsub.exe"
     mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
     mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
     mRun: [soundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
     mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
     mRun: [igfxTray] c:\windows\system32\igfxtray.exe
     mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
     mRun: [Persistence] c:\windows\system32\igfxpers.exe
     mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
     mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
     mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
     mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
     dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
     dRun: [browserChoice] "c:\windows\system32\browserchoice.exe" /run
     dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
     dRunOnce: [iE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
     dRunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32
     IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
     IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
     IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
     IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
     IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
     IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
     IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
     IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
     IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
     Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
     Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
     Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
     Notify: ackpbsc - c:\program files\actividentity\activclient mini\ackpbsc.dll
     Notify: acunlock - c:\program files\actividentity\activclient mini\acunlock.dll
     Notify: DeviceNP - DeviceNP.dll
     Notify: igfxcui - igfxdev.dll
     SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
     SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
     Hosts: 127.0.0.1 www.spywareinfo.com

     ================= FIREFOX ===================

     FF - ProfilePath - c:\docume~1\brian\applic~1\mozilla\firefox\profiles\xrd5baze.default\
     FF - prefs.js: browser.search.selectedEngine - Google.co.uk
     FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
     FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
     FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
     FF - component: c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll
     FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
     FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
     FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
     FF - plugin: c:\program files\mozilla firefox\plugins\npnul32.dll
     FF - plugin: c:\program files\mozilla firefox\plugins\nppl3260.dll
     FF - plugin: c:\program files\mozilla firefox\plugins\nprjplug.dll
     FF - plugin: c:\program files\mozilla firefox\plugins\nprpjplug.dll
     FF - plugin: c:\program files\veetle\player\npvlc.dll
     FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
     FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
     FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox 4.0 beta 7\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
     FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
     FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
     FF - Ext: Gmail Notifier: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e} - %profile%\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
     FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
     FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
     FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
     FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext
     FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
     FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\FirefoxExtension

     ---- FIREFOX POLICIES ----
     FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

     ============= SERVICES / DRIVERS ===============

     R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [2010-9-28 15328]
     R2 acachsrv;ActivClient Authentication Service;c:\program files\actividentity\activclient mini\acachsrv.exe [2006-4-12 81920]
     R2 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient mini\accoca.exe [2006-5-2 135168]
     R2 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792]
     R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-9-11 735960]
     R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-10-30 54760]
     R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-11-15 363344]
     R2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\macrium\reflect\ReflectService.exe [2010-9-28 220128]
     R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-15 20952]
     R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
     S2 .EsetTrialReset;Eset Trial Reset;c:\windows\reset.exe [2009-3-13 357182]
     S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [2010-10-27 30008]
     S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2007-6-8 172131]
     S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
     S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]

     =============== Created Last 30 ================

     2010-12-26 05:47:04 388096 ----a-r- c:\docume~1\brian\applic~1\microsoft\installer\{0761c9a8-8f3a-4216-b4a7-b7afbf24a24a}\HiJackThis.exe
     2010-12-26 05:47:03 -------- d-----w- c:\program files\TrendMicro
     2010-12-20 11:16:08 -------- d-----w- c:\docume~1\brian\applic~1\tor
     2010-12-20 10:39:13 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 7
     2010-12-20 09:24:15 -------- d-----w- c:\windows\system32\wbem\repository\FS
     2010-12-20 09:24:15 -------- d-----w- c:\windows\system32\wbem\Repository
     2010-12-20 09:22:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\Soulseek
     2010-12-18 14:06:15 -------- d-sh--w- C:\RECYCLER(2)
     2010-12-17 09:58:47 -------- d-----w- C:\cmdcons
     2010-12-14 06:32:22 -------- d-----w- c:\program files\SoulseekNS
     2010-12-07 17:09:56 -------- d-----w- c:\program files\MSXML 4.0
     2010-12-06 17:13:21 -------- d-----w- c:\docume~1\alluse~1\applic~1\Nokia
     2010-12-06 14:49:10 -------- d-----w- c:\program files\NCH Swift Sound
     2010-12-06 13:13:33 -------- d-----w- c:\docume~1\brian\applic~1\Nokia Ovi Suite
     2010-12-06 10:16:35 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
     2010-12-06 10:16:35 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
     2010-12-06 08:11:22 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
     2010-12-06 08:07:02 -------- d-----w- c:\docume~1\brian\locals~1\applic~1\NokiaAccount
     2010-12-06 08:06:54 -------- d-----w- c:\docume~1\brian\locals~1\applic~1\Nokia
     2010-12-06 07:49:41 -------- d-----w- c:\program files\common files\Nokia
     2010-12-06 07:48:32 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
     2010-12-06 07:47:57 -------- d-----w- c:\program files\PC Connectivity Solution
     2010-12-06 07:47:42 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
     2010-12-06 07:47:39 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
     2010-12-06 07:47:36 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
     2010-12-06 07:47:28 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
     2010-12-06 07:47:28 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
     2010-12-06 07:47:28 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
     2010-12-06 07:47:22 92672 ----a-w- c:\windows\system32\nmwcdcls.dll
     2010-12-06 07:37:16 -------- d-----w- c:\program files\Nokia
     2010-12-06 07:37:16 -------- d-----w- c:\docume~1\alluse~1\applic~1\NokiaInstallerCache
     2010-12-03 14:20:19 -------- d-----w- c:\windows\pss
     2010-12-03 13:04:18 -------- d-----w- c:\docume~1\brian\locals~1\applic~1\FilmOn.com
     2010-12-03 13:03:39 -------- d-----w- c:\docume~1\brian\applic~1\111 Pix Ltd

     ==================== Find3M ====================

     2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
     2010-11-06 00:27:34 919552 ----a-w- c:\windows\system32\wininet.dll
     2010-11-06 00:27:34 919552 ----a-w- c:\windows\system32\wininet(2)(2).dll
     2010-11-06 00:27:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
     2010-11-06 00:27:33 1992192 ----a-w- c:\windows\system32\iertutil(2)(2).dll
     2010-11-06 00:27:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
     2010-11-06 00:27:33 1211904 ----a-w- c:\windows\system32\urlmon(2)(2).dll
     2010-11-05 22:57:34 11082752 ----a-w- c:\windows\system32\ieframe(2)(2).dll
     2010-11-03 12:00:50 385024 ----a-w- c:\windows\system32\html.iec
     2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
     2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd(2)(2).dll
     2010-10-27 09:06:39 156160 ----a-w- c:\windows\system32\imapihp.exe
     2010-10-27 07:58:45 592 ----a-w- c:\windows\chgkey.vbs
     2010-10-26 13:27:10 1862272 ----a-w- c:\windows\system32\win32k.sys
     2010-10-26 13:27:10 1862272 ----a-w- c:\windows\system32\win32k(2)(2).sys

     ============= FINISH: 13:35:13.29 ===============

     ark.zip
     Attach.zip