Mc752

Posts posted by Mc752

  1. Doing a routine scan, Malwarebytes finds a trojan. I hit delete and it tells me to reboot. Upon rebooting I run it again and there it is. I've deleted the temp files and the recycle bin, yet it keeps coming back. Can someone tell me if this is something I need to worry about?

    Thank you in advance for your help.

    Here is a copy of my latest scan. I've got lots more, some are full scans, some are flash scans.

    Database version: v2012.11.18.03

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Irma :: IRMA-VAIO [administrator]

    Protection: Enabled

    11/18/2012 2:38:30 PM

    mbam-log-2012-11-18 (14-38-30).txt

    Scan type: Flash scan

    Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: Registry | File System | P2P

    Objects scanned: 229548

    Time elapsed: 20 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 0

    (No malicious items detected)

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 1

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|9736 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\msbambyo.com -> Delete on reboot.

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 0

    (No malicious items detected)

    (end)

  2. The update came with the Pro version. I am running Windows 7 and Microsoft Security Essentials. I am going to try again with a clean install and stopping the AV to see if this solves the situation. I appreciate the support.

    After trying it again today, turning off the AV as before and running a clean install, it has gone through. It was most likely some error on my end, as no one else is having this issue. I appreciate the help, thank you!

  3. Where did you obtain the update ?

    Did you disable your Anti-Virus when trying to do the update?

    What AV and Operating System are you using?

    Thanks

    The update came with the Pro version. I am running Windows 7 and Microsoft Security Essentials. I am going to try again with a clean install and stopping the AV to see if this solves the situation. I appreciate the support.

  4. I get an error message every time I attempt to install the upgrade. I've restarted my computer twice, and the message states something about a corrupt file and that installation was not completed, restart the computer. I have done that, but it's an endless loop. I have the Pro version; should I download it from this site and try again? Perhaps the update was damaged?

    Thank you,

  5. Thank you for your kind assistance. I have Malwarebytes Pro installed, and ran the update. I have run a few virus scan programs and noticed that my McAfee shuts itself off and I receive a notice "your computer is unprotected", after which I must manually start it. This raises several antennas with me, although the IP messages from earlier are gone now from my Malwarebytes scan; please see below.

    *********

    Malwarebytes' Anti-Malware 1.51.1.1800

    www.malwarebytes.org

    Database version: 7512

    Windows 5.1.2600 Service Pack 3

    Internet Explorer 8.0.6001.18702

    8/19/2011 2:15:15 PM

    mbam-log-2011-08-19 (14-15-15).txt

    Scan type: Quick scan

    Objects scanned: 205702

    Time elapsed: 18 minute(s), 34 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 0

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    (No malicious items detected)

    **************


  6. My computer's anti-virus software, McAfee, keeps telling me that it has stopped an outgoing connection. I ran my Malwarebytes and get the following:

    11:14:14 (null) MESSAGE Protection started successfully

    11:15:01 (null) MESSAGE Scheduled update executed successfully

    11:15:29 Me MESSAGE IP Protection started successfully

    11:15:29 Me MESSAGE IP Protection stopped

    11:15:38 Me MESSAGE Database updated successfully

    11:15:42 Me MESSAGE IP Protection started successfully

    15:18:03 Me IP-BLOCK 94.100.30.167 (Type: outgoing)

    15:18:06 Me IP-BLOCK 94.100.30.167 (Type: outgoing)

    15:18:12 Me IP-BLOCK 94.100.30.167 (Type: outgoing)

    15:18:24 Me IP-BLOCK 94.100.30.163 (Type: outgoing)

    15:18:27 Me IP-BLOCK 94.100.30.163 (Type: outgoing)

    15:18:33 Me IP-BLOCK 94.100.30.163 (Type: outgoing)

    15:18:45 Me IP-BLOCK 94.100.30.164 (Type: outgoing)

    15:18:48 Me IP-BLOCK 94.100.30.164 (Type: outgoing)

    15:18:54 Me IP-BLOCK 94.100.30.164 (Type: outgoing)

    15:19:06 Me IP-BLOCK 94.100.30.165 (Type: outgoing)

    15:19:09 Me IP-BLOCK 94.100.30.165 (Type: outgoing)

    15:19:15 Me IP-BLOCK 94.100.30.165 (Type: outgoing)

    15:19:27 Me IP-BLOCK 94.100.30.166 (Type: outgoing)

    15:19:30 Me IP-BLOCK 94.100.30.166 (Type: outgoing)

    15:19:36 Me IP-BLOCK 94.100.30.166 (Type: outgoing)

    15:56:11 Me MESSAGE Protection started successfully

    15:56:34 Me MESSAGE IP Protection started successfully

    Is this something to worry about? Thank you.

    protection-log-2011-08-16.zip
