Jump to content

RyanDiamond

Honorary Members
  • Posts

    35
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5653 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 2/1/2011 12:51:09 PM mbam-log-2011-02-01 (12-51-09).txt Scan type: Quick scan Objects scanned: 152127 Time elapsed: 7 minute(s), 10 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  2. Merged fixme.reg and I do not see the files in PF anymore... Searching for Whitesmoke, then gonna reboot.
  3. Its the default of InProcServer32 and the value is C:/Program Files/Whitesmoke Translator/WCaptureX.dll Binary data... And then the "Threading Module" is Apartment as the value.
  4. New mbam scan, found the two keys and removed them... Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5653 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 2/1/2011 11:50:11 AM mbam-log-2011-02-01 (11-50-11).txt Scan type: Quick scan Objects scanned: 152285 Time elapsed: 5 minute(s), 30 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\Software\WhiteSmokeTranslator (PUP.WhiteSmoke) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\WhiteSmokeTranslator (PUP.WhiteSmoke) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  5. Only OTL.Txt opened... OTL logfile created on: 2/1/2011 11:03:36 AM - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\SCOTT\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,022.00 Mb Total Physical Memory | 314.00 Mb Available Physical Memory | 31.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 56.00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.47 Gb Total Space | 59.73 Gb Free Space | 80.20% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: SCOTT | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\SCOTT\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\xampp\mysql\bin\mysqld.exe (MySQL AB) PRC - C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) PRC - C:\Program Files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe (Creative Technology Ltd) PRC - C:\WINDOWS\V0610Mon.exe (Creative Technology Ltd.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) PRC - C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation) PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC) PRC - C:\Program Files\Common Files\AOL\1156800709\EE\aolsoftware.exe (America Online, Inc.) PRC - C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) PRC - C:\Program Files\Dell Printers\Dell MFP Color Laser Printer 3115cn\Address Book Editor\Launcher.exe (Dell Inc.) PRC - C:\Program Files\Dell Printers\paperport\pptd40nt.exe (Nuance Communications, Inc.) PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.) PRC - C:\Program Files\Wave Systems Corp\common\DataServer.exe (Wave Systems Corp.) PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) PRC - C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.) PRC - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe (Dell Inc.) PRC - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe () PRC - C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe (Wave Systems Corp.) PRC - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe (Dell Inc.) PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe (Dell Inc.) PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe () PRC - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc) PRC - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe (America Online Inc) PRC - C:\Program Files\Apoint\hidfind.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\SCOTT\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation) MOD - C:\Program Files\Dell\QuickSet\dadkeyb.dll () MOD - C:\WINDOWS\system32\wxvault.dll () MOD - C:\WINDOWS\system32\detoured.dll () ========== Win32 Services (SafeList) ========== SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll () SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (MySQL) -- C:\xampp\mysql\bin\mysqld.exe (MySQL AB) SRV - (Apache2.2) -- C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) SRV - (Tomcat6) -- C:\xampp\tomcat\bin\tomcat6.exe (Apache Software Foundation) SRV - (CLTNetCnService) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC) SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.) SRV - (DataSvr2) -- C:\Program Files\Wave Systems Corp\Common\DataServer.exe (Wave Systems Corp.) SRV - (WLANKEEPER) Intel® -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation) SRV - (S24EventMonitor) Intel® -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (EvtEng) Intel® -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (RegSrvc) Intel® -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe () SRV - (DLPWD) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe (Dell Inc.) SRV - (Bluetooth Hid Switch Service) -- C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe (Cambridge Silicon Radio) SRV - (DLSDB) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe (Dell Inc.) SRV - (AOL TopSpeedMonitor) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe (America Online, Inc) ========== Driver Services (SafeList) ========== DRV - (aswTdi) -- File not found DRV - (aswSP) -- File not found DRV - (aswRdr) -- File not found DRV - (aswMon2) -- File not found DRV - (aswFsBlk) -- File not found DRV - (Aavmker4) -- File not found DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (V0610Vid) -- C:\WINDOWS\system32\drivers\V0610Vid.sys (Creative Technology Ltd.) DRV - (CtClsFlt) -- C:\WINDOWS\system32\drivers\CtClsFlt.sys (Creative Technology Ltd.) DRV - (V0610Afx) -- C:\WINDOWS\system32\drivers\V0610Afx.sys (Creative Technology Ltd.) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation) DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation) DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SYMDNS) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider) DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (Tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\tosrfhid.sys (TOSHIBA Corporation.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (NW001NDIS) -- C:\WINDOWS\system32\drivers\nw01ndis.sys (Novatel Wireless, Inc.) DRV - (NWADI) -- C:\WINDOWS\system32\drivers\NWADIenum.sys (Novatel Wireless Inc) DRV - (NWDellPort) -- C:\WINDOWS\system32\drivers\nwdelser.sys (Novatel Wireless Inc.) DRV - (NWDellModem) -- C:\WINDOWS\system32\drivers\nwdelmdm.sys (Novatel Wireless Inc.) DRV - (PBADRV) -- C:\WINDOWS\system32\drivers\pbadrv.sys (Dell Inc) DRV - (w39n51) Intel® -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel
  6. I see one, I tried to delete it, and it keeps coming back? My Computer/HKEY_CLASSES_ROOT/CLSID/{BB314C86-A6C0-4B32-B715-88557445EA19}/InProcServer32
  7. The nightly mbam logged produced this last night.. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5647 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 2/1/2011 5:04:27 AM mbam-log-2011-02-01 (05-04-27).txt Scan type: Quick scan Objects scanned: 151882 Time elapsed: 4 minute(s), 19 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\Software\WhiteSmokeTranslator (PUP.WhiteSmoke) -> Not selected for removal. HKEY_LOCAL_MACHINE\SOFTWARE\WhiteSmokeTranslator (PUP.WhiteSmoke) -> Not selected for removal. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  8. I can't even load it onto my machine. I plug it in, it beeps, but I do not see it.
  9. Hmm, I think I got it gone via a uninstall by re-downloading it... Thanks again dude, can you leave this open if I get issues? Also, is it possible my USB is now infected?
  10. Not in add/remove, and I have rebooted... Could it be in like msconfig to load on startup or something?
  11. Now another issue.. I removed it with that program, but it still shows as on my system via the bottom bar... And I can only load internet when there is an X on it, when not, it won't load.
  12. Says I do not have something it needs and not aval for my type of XP, so I am getting AntiVir...again.
  13. Waiiiit! So, I installed avast.....ironically, right after...my internet refuses to connect to anything online, I get cannot connect errors in IE / FF. I had appremover remove it...does this happen often with it / something I had to change? I got my internet back on deletion.
  14. Thanks again...I honestly can't thank you enough for spending your last few days, mostly this afternoon, helping me man. I just spent $190 on extending my private server, so I'd rather not donate right now, but if you need any webhosting for some reason or another, do not hesitate to contact me, I'd be glad to hook you up with some space, free of charge!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.