Jump to content

Search the Community

Showing results for tags 'infected spyware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 1 result

  1. Merged post I started a post on another MB forum and was told to open a new one here so someone could help me fix my problem. Here is a link to the other post I had, as well as the DDS & Attach files. Thanks in advance for your help! . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1 Run by User at 23:31:00 on 2012-06-19 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.1889 [GMT -4:00] . AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: Norton Internet Security *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\stsystra.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe svchost.exe C:\WINDOWS\eHome\ehRecvr.exe C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Nero\Update\NASvc.exe C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wscntfy.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyServer = 108.166.95.58:8080 BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.7.1.5\ips\IPSBHO.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll TB: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [sigmatelSysTrayApp] stsystra.exe mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [NBAgent] "c:\program files\nero\nero 10\nero backitup\NBAgent.exe" /WinStart mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [ContentTransferWMDetector.exe] c:\program files\sony\content transfer\ContentTransferWMDetector.exe mRun: [AgentMonitor] c:\program files\vtech\downloadmanager\system\AgentMonitor.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [adblock pro] c:\program files\adblock pro\abpmain.exe -m mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {004DF9D9-566D-11D7-B77D-00E018901A05} - hxxp://surfcam.castleinthesand.com/iqeye.ocx.gz DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309922957656 DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 75.75.76.76 75.75.75.75 TCP: Interfaces\{845F1E14-703E-43C9-8E95-FC74DABB12FA} : DhcpNameServer = 75.75.76.76 75.75.75.75 Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\et9ohpua.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: network.proxy.ftp - 203.42.246.231 FF - prefs.js: network.proxy.ftp_port - 80 FF - prefs.js: network.proxy.http - 203.42.246.231 FF - prefs.js: network.proxy.http_port - 80 FF - prefs.js: network.proxy.socks - 203.42.246.231 FF - prefs.js: network.proxy.socks_port - 80 FF - prefs.js: network.proxy.ssl - 203.42.246.231 FF - prefs.js: network.proxy.ssl_port - 80 FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 171064] R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-6-17 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-6-17 905336] R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20120531.001\BHDrvx86.sys [2012-5-31 821880] R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-6-17 132744] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-6-17 149624] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-15 654408] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] R2 NAUpdate;@c:\program files\nero\update\nasvc.exe,-200;c:\program files\nero\update\NASvc.exe [2010-3-25 490280] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-6-17 138232] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2011-3-15 428384] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-16 106656] R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120613.007\IDSXpx86.sys [2012-6-13 356792] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-15 22344] R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120619.009\NAVENG.SYS [2012-6-19 87928] R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120619.009\NAVEX15.SYS [2012-6-19 1589752] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-1-20 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-17 257696] S3 EPUSBSTOR;EPSON USB Storage Driver;c:\windows\system32\drivers\epusbsto.sys [2001-9-9 17976] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-1-20 136176] . =============== Created Last 30 ================ . 2012-06-20 02:04:25 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b9ca2fbe-8354-4478-8ce9-773ed43f048f}\mpengine.dll 2012-06-18 18:53:05 6737808 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2012-06-18 06:36:37 -------- d-----w- c:\program files\Trend Micro 2012-06-18 02:16:08 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-06-18 02:16:08 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy 2012-06-18 01:36:25 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL 2012-06-17 17:37:25 905336 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symefa.sys 2012-06-17 17:37:25 574072 ----a-w- c:\windows\system32\drivers\nis\1307010.005\srtsp.sys 2012-06-17 17:37:25 388216 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symtdi.sys 2012-06-17 17:37:25 345208 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys 2012-06-17 17:37:25 340088 ----a-r- c:\windows\system32\drivers\nis\1307010.005\symds.sys 2012-06-17 17:37:25 32888 ----a-w- c:\windows\system32\drivers\nis\1307010.005\srtspx.sys 2012-06-17 17:37:25 318584 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symnets.sys 2012-06-17 17:37:25 149624 ----a-w- c:\windows\system32\drivers\nis\1307010.005\ironx86.sys 2012-06-17 17:37:25 132744 ----a-w- c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys 2012-06-17 17:37:07 4782 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symvtcer.dat 2012-06-17 17:37:06 -------- d-----w- c:\windows\system32\drivers\nis\1307010.005 2012-06-17 03:34:13 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL 2012-06-17 03:34:13 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2012-06-17 03:34:13 -------- d-----w- c:\program files\Symantec 2012-06-17 03:34:13 -------- d-----w- c:\program files\common files\Symantec Shared 2012-06-17 03:33:49 -------- d-----w- c:\windows\system32\drivers\NIS 2012-06-17 03:33:47 -------- d-----w- c:\program files\Norton Internet Security 2012-06-17 03:33:27 -------- d-----w- c:\program files\NortonInstaller 2012-06-17 03:33:27 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller 2012-06-17 02:53:36 -------- d-----w- c:\documents and settings\all users\application data\IsolatedStorage 2012-06-17 02:21:46 -------- d-----w- c:\program files\Advanced Fix 2012 2012-06-17 00:41:00 -------- d-----w- c:\documents and settings\user\local settings\application data\ID Vault 2012-06-17 00:40:13 -------- d-----w- c:\documents and settings\user\application data\ID Vault 2012-06-16 23:25:17 -------- d-----w- c:\documents and settings\user\local settings\application data\Sun 2012-06-16 23:09:10 -------- d-----w- c:\program files\Oracle 2012-06-16 23:09:04 772504 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-06-16 23:09:04 687504 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-16 23:09:04 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-06-16 22:09:26 -------- d-----w- c:\documents and settings\user\local settings\application data\PCHealth 2012-06-16 18:20:37 -------- d-----w- c:\program files\Constant Guard Protection Suite 2012-06-16 18:20:16 -------- d-----w- c:\documents and settings\all users\application data\White Sky, Inc 2012-06-16 18:08:15 -------- d-----w- c:\windows\system32\appmgmt 2012-06-16 07:25:36 -------- d-----w- c:\documents and settings\user\local settings\application data\NPE 2012-06-16 07:25:36 -------- d-----w- c:\documents and settings\all users\application data\Norton 2012-06-16 06:55:23 -------- d-----w- c:\windows\system32\wbem\repository\FS 2012-06-16 06:55:23 -------- d-----w- c:\windows\system32\wbem\Repository 2012-06-14 05:43:23 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll . ==================== Find3M ==================== . 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec 2012-05-05 09:05:09 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-05 09:05:09 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 23:31:31.60 =============== I guess pasting the link before posting would help. http://forums.malwarebytes.org/index.php?showtopic=111347 attach.txt dds.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.