somegirldc

  1. Here are the MBAM and DDS logs; GMER didn't give me an option to save as a text file. I reran MBAM after following all the "I'm infected" steps and the virus is still present.

     Malwarebytes' Anti-Malware 1.51.1.1800
     www.malwarebytes.org

     Database version: 7673

     Windows 5.1.2600 Service Pack 3
     Internet Explorer 8.0.6001.18702

     9/8/2011 1:14:45 AM
     mbam-log-2011-09-08 (01-14-45).txt

     Scan type: Full scan (C:\|D:\|)
     Objects scanned: 421339
     Time elapsed: 2 hour(s), 7 minute(s), 41 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 1
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     c:\system volume information\_restore{106cf321-99a3-4e3a-9103-1bd027606a99}\RP1062\A0501156.exe (Adware.TryMedia) -> Quarantined and deleted successfully.
  2. I've run both the MBAM scan and the avast boot scan now. I still have the sharproj virus, but MBAM found nothing else and avast found and deleted 3 pieces of malware. I still can't get Firefox to launch. Any ideas?
  3. Hello and thanks in advance. Thursday night I was suddenly unable to open Firefox; the program won't launch and goes straight to the crash message. I then tried Chrome, which didn't launch or give any error message. Internet Explorer will open, but is unusable and usually gives a debug message. I ran the quick MBAM scan and found the fshaproj trojan, deleted, restarted. I haven't had a chance to run the full MBAM scan yet, but Avast didn't find anything at all yesterday. From what I've read from other people with the same virus, it doesn't seem to be affecting their ability to open any browser. I can use other programs without issue, including those that connect to the internet. Any ideas?