Showing results for tags 'hpkh.pif virus'.

Found 1 result

  1. Hello, please help me. I can't remove this virus that causes my programs to be corrupt and slow and makes the firewall and Windows Update disabled. Here is the DDS log.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 10:42:31 on 2012-09-05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1983.1221 [GMT 8:00]
.
.
============== Running Processes ===============
.
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Sun Broadband Wireless\Sun Broadband Wireless.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Advanced SystemCare Browser Protection: {ba0c978d-d909-49b6-afe2-8bde245dc7e6} - c:\progra~1\iobit\advanc~1\brower~1\ASCPLU~1.DLL
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [Advanced SystemCare 6] "c:\program files\iobit\advanced systemcare 6\ASCTray.exe" /AutoStart
mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
TCP: DhcpNameServer = 202.138.128.50 202.138.128.54
TCP: Interfaces\{3D944068-B018-452F-9F38-9157AC010FA8} : DhcpNameServer = 202.138.128.50 202.138.128.54
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: schannel.dll, credssp.dll, digest.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\m839ur2s.default\
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2011-9-16 13616]
R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2011-9-16 5632]
R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2011-9-16 13616]
R0 nvlegacy;nvlegacy;c:\windows\system32\drivers\nvlegacy.sys [2011-9-16 100736]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2012-8-31 109768]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare 6\ASCService.exe [2012-9-3 1026432]
R2 DCService.exe;DCService.exe;c:\documents and settings\all users\application data\datacardservice\DCService.exe [2010-5-8 229376]
R2 PfFilter;PfFilter;c:\program files\iobit\protected folder\pffilter.sys [2012-9-4 140976]
R3 amsint32;amsint32;\??\c:\windows\system32\drivers\gesmf.sys --> c:\windows\system32\drivers\gesmf.sys [?]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2012-9-2 117504]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-9-2 70656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-3 22344]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-9-5 40776]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-3 655944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-9-3 1691480]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-9-2 101504]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-9-3 35144]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-9-3 114144]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\iobit\game booster 3\driver\WinRing0.sys [2012-9-4 14416]
.
=============== Created Last 30 ================
.
2012-09-05 01:41:56 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-09-04 01:58:37 98816 ----a-w- c:\windows\sed.exe
2012-09-04 01:58:37 518144 ----a-w- c:\windows\SWREG.exe
2012-09-04 01:58:37 256000 ----a-w- c:\windows\PEV.exe
2012-09-04 01:58:37 208896 ----a-w- c:\windows\MBR.exe
2012-09-04 01:58:34 -------- d-s---w- C:\ComboFix
2012-09-04 00:51:05 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2012-09-04 00:51:03 -------- d-----w- c:\program files\ffdshow
2012-09-03 09:45:25 -------- d-----w- c:\documents and settings\owner\application data\IObit
2012-09-03 09:45:25 -------- d-----w- c:\documents and settings\owner\AppData
2012-09-03 09:45:25 -------- d-----w- c:\documents and settings\all users\application data\IObit
2012-09-03 09:45:21 -------- d-----w- c:\program files\IObit
2012-09-03 06:56:07 -------- d-----w- c:\program files\CCleaner
2012-09-03 06:55:52 -------- d-----w- c:\program files\Defraggler
2012-09-03 06:49:55 -------- d-----w- c:\program files\Speccy
2012-09-03 06:18:29 99328 ----a-w- C:\urcff.exe
2012-09-03 05:33:07 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2012-09-03 02:47:18 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2012-09-03 02:47:12 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-09-03 02:47:11 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-03 02:47:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-03 00:49:51 -------- d-----w- c:\windows\system32\appmgmt
2012-09-03 00:31:50 -------- d-----w- c:\windows\system32\Lang
2012-09-03 00:29:55 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2012-09-03 00:29:55 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2012-09-03 00:29:55 1706640 ----a-r- c:\windows\RtlExUpd.dll
2012-09-03 00:29:54 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2012-09-03 00:29:54 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2012-09-03 00:29:54 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2012-09-03 00:29:54 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2012-09-03 00:29:54 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2012-09-03 00:29:53 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2012-09-03 00:27:02 -------- d-----w- c:\documents and settings\all users\application data\NVIDIA Corporation
2012-09-03 00:26:08 -------- d-----w- c:\windows\system32\ReinstallBackups
2012-09-03 00:26:05 215656 ----a-r- c:\windows\system32\NVCOSMB.DLL
2012-09-03 00:22:35 -------- d-----w- c:\documents and settings\owner\local settings\application data\WinZip
2012-09-02 08:34:07 -------- d--h--w- c:\windows\PIF
2012-09-02 02:44:00 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
.
==================== Find3M ====================
.
2012-08-02 00:23:14 109768 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2012-06-12 10:10:44 6138512 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
.
============= FINISH: 10:42:46.75 ===============

The scan log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.03.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: ANONYMOUS [administrator]

Protection: Disabled

9/5/2012 9:42:05 AM
mbam-log-2012-09-05 (10-36-21).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217333
Time elapsed: 54 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AMSINT32 (Virus.Sality) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\amsint32 (Virus.Sality) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\urcff.exe (Trojan.Agent) -> No action taken.
D:\hpkh.pif (Trojan.Agent) -> No action taken.

(end)

I hope someone can help me to fix my problem.