Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Search the Community

Showing results for tags 'infected spyware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 1 result

  1. Merged post I started a post on another MB forum and was told to open a new one here so someone could help me fix my problem. Here is a link to the other post I had, as well as the DDS & Attach files. Thanks in advance for your help! . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1 Run by User at 23:31:00 on 2012-06-19 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.1889 [GMT -4:00] . AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: Norton Internet Security *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\stsystra.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe svchost.exe C:\WINDOWS\eHome\ehRecvr.exe C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Nero\Update\NASvc.exe C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wscntfy.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyServer = 108.166.95.58:8080 BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.7.1.5\ips\IPSBHO.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll TB: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [sigmatelSysTrayApp] stsystra.exe mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [NBAgent] "c:\program files\nero\nero 10\nero backitup\NBAgent.exe" /WinStart mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [ContentTransferWMDetector.exe] c:\program files\sony\content transfer\ContentTransferWMDetector.exe mRun: [AgentMonitor] c:\program files\vtech\downloadmanager\system\AgentMonitor.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [adblock pro] c:\program files\adblock pro\abpmain.exe -m mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {004DF9D9-566D-11D7-B77D-00E018901A05} - hxxp://surfcam.castleinthesand.com/iqeye.ocx.gz DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309922957656 DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 75.75.76.76 75.75.75.75 TCP: Interfaces\{845F1E14-703E-43C9-8E95-FC74DABB12FA} : DhcpNameServer = 75.75.76.76 75.75.75.75 Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\et9ohpua.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: network.proxy.ftp - 203.42.246.231 FF - prefs.js: network.proxy.ftp_port - 80 FF - prefs.js: network.proxy.http - 203.42.246.231 FF - prefs.js: network.proxy.http_port - 80 FF - prefs.js: network.proxy.socks - 203.42.246.231 FF - prefs.js: network.proxy.socks_port - 80 FF - prefs.js: network.proxy.ssl - 203.42.246.231 FF - prefs.js: network.proxy.ssl_port - 80 FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 171064] R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-6-17 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-6-17 905336] R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20120531.001\BHDrvx86.sys [2012-5-31 821880] R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-6-17 132744] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-6-17 149624] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-15 654408] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] R2 NAUpdate;@c:\program files\nero\update\nasvc.exe,-200;c:\program files\nero\update\NASvc.exe [2010-3-25 490280] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-6-17 138232] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2011-3-15 428384] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-16 106656] R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120613.007\IDSXpx86.sys [2012-6-13 356792] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-15 22344] R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120619.009\NAVENG.SYS [2012-6-19 87928] R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120619.009\NAVEX15.SYS [2012-6-19 1589752] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-1-20 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-17 257696] S3 EPUSBSTOR;EPSON USB Storage Driver;c:\windows\system32\drivers\epusbsto.sys [2001-9-9 17976] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-1-20 136176] . =============== Created Last 30 ================ . 2012-06-20 02:04:25 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b9ca2fbe-8354-4478-8ce9-773ed43f048f}\mpengine.dll 2012-06-18 18:53:05 6737808 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2012-06-18 06:36:37 -------- d-----w- c:\program files\Trend Micro 2012-06-18 02:16:08 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-06-18 02:16:08 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy 2012-06-18 01:36:25 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL 2012-06-17 17:37:25 905336 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symefa.sys 2012-06-17 17:37:25 574072 ----a-w- c:\windows\system32\drivers\nis\1307010.005\srtsp.sys 2012-06-17 17:37:25 388216 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symtdi.sys 2012-06-17 17:37:25 345208 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys 2012-06-17 17:37:25 340088 ----a-r- c:\windows\system32\drivers\nis\1307010.005\symds.sys 2012-06-17 17:37:25 32888 ----a-w- c:\windows\system32\drivers\nis\1307010.005\srtspx.sys 2012-06-17 17:37:25 318584 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symnets.sys 2012-06-17 17:37:25 149624 ----a-w- c:\windows\system32\drivers\nis\1307010.005\ironx86.sys 2012-06-17 17:37:25 132744 ----a-w- c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys 2012-06-17 17:37:07 4782 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symvtcer.dat 2012-06-17 17:37:06 -------- d-----w- c:\windows\system32\drivers\nis\1307010.005 2012-06-17 03:34:13 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL 2012-06-17 03:34:13 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2012-06-17 03:34:13 -------- d-----w- c:\program files\Symantec 2012-06-17 03:34:13 -------- d-----w- c:\program files\common files\Symantec Shared 2012-06-17 03:33:49 -------- d-----w- c:\windows\system32\drivers\NIS 2012-06-17 03:33:47 -------- d-----w- c:\program files\Norton Internet Security 2012-06-17 03:33:27 -------- d-----w- c:\program files\NortonInstaller 2012-06-17 03:33:27 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller 2012-06-17 02:53:36 -------- d-----w- c:\documents and settings\all users\application data\IsolatedStorage 2012-06-17 02:21:46 -------- d-----w- c:\program files\Advanced Fix 2012 2012-06-17 00:41:00 -------- d-----w- c:\documents and settings\user\local settings\application data\ID Vault 2012-06-17 00:40:13 -------- d-----w- c:\documents and settings\user\application data\ID Vault 2012-06-16 23:25:17 -------- d-----w- c:\documents and settings\user\local settings\application data\Sun 2012-06-16 23:09:10 -------- d-----w- c:\program files\Oracle 2012-06-16 23:09:04 772504 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-06-16 23:09:04 687504 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-16 23:09:04 143872 ----a-w- c:\windows\system32\javacpl.cpl 2012-06-16 22:09:26 -------- d-----w- c:\documents and settings\user\local settings\application data\PCHealth 2012-06-16 18:20:37 -------- d-----w- c:\program files\Constant Guard Protection Suite 2012-06-16 18:20:16 -------- d-----w- c:\documents and settings\all users\application data\White Sky, Inc 2012-06-16 18:08:15 -------- d-----w- c:\windows\system32\appmgmt 2012-06-16 07:25:36 -------- d-----w- c:\documents and settings\user\local settings\application data\NPE 2012-06-16 07:25:36 -------- d-----w- c:\documents and settings\all users\application data\Norton 2012-06-16 06:55:23 -------- d-----w- c:\windows\system32\wbem\repository\FS 2012-06-16 06:55:23 -------- d-----w- c:\windows\system32\wbem\Repository 2012-06-14 05:43:23 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll . ==================== Find3M ==================== . 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec 2012-05-05 09:05:09 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-05 09:05:09 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 23:31:31.60 =============== I guess pasting the link before posting would help. http://forums.malwarebytes.org/index.php?showtopic=111347 attach.txt dds.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.