Jump to content

Recommended Posts

Hello, I am a relatively new Malwarebytes user (2 weeks). I did the standard scan and removal when I first got it, but I have been consistently getting "Malware bytes has sucessfully blocked access to a potentially malicious website" since I started using it. My situation is similiar to this user, whereby the protection log keeps showing:

2012/01/10 00:00:05 +0800 GILBERT-PC Gilbert IP-BLOCK 222.186.43.132 (Type: outgoing, Port: 62018, Process: wow.exe)

2012/01/10 00:00:05 +0800 GILBERT-PC Gilbert IP-BLOCK 222.186.43.132 (Type: outgoing, Port: 62019, Process: wow.exe)

Every few seconds or so, whenever I am logged into WoW. About a week and a half ago, my World of Warcraft account got hacked, and just today, it happened again, however I was able to temporarily intervene this time round before significant damage could be done. MBAM scans came back clean, so I suspect something else is still in my system. Here is the scan log and the DDS log:

Malwarebytes Anti-Malware (Trial) 1.60.0.1800

www.malwarebytes.org

Database version: v2012.01.09.05

Windows 7 x64 NTFS

Internet Explorer 8.0.7600.16385

Gilbert :: GILBERT-PC [administrator]

Protection: Enabled

1/10/2012 1:37:19 AM

mbam-log-2012-01-10 (01-37-19).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 207451

Time elapsed: 2 minute(s), 36 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385

Run by Gilbert at 1:44:16 on 2012-01-10

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.9207.3938 [GMT 8:00]

.

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\Six Engine\SixEngine.exe

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\ASUS\TurboV\TurboV.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE

E:\WoW\World of Warcraft\Wow.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Windows\splwow64.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe

C:\Windows\system32\taskmgr.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\notepad.exe

C:\Program Files (x86)\Mumble\mumble.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\notepad.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: HistoryTriggerBHO Class: {21a88cb9-84d2-4020-a2d1-b25a21034884} - E:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

BHO: KeyScramblerBHO Class: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [LG LinkAir]

uRun: [Disker] rundll32.exe C:\Users\Gilbert\AppData\Local\Temp\HIMYM.DLL,DW

mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\Gilbert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Download Using &BitSpirit - C:\Program Files (x86)\BitSpirit\bsurl.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{49B70426-4C96-4B2A-9ECB-9E256B3B872F} : DhcpNameServer = 192.168.1.254

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: HistoryTriggerBHO Class: {21A88CB9-84D2-4020-A2D1-B25A21034884} - E:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

BHO-X64: LinkAirBrowserHelper HistoryTriggerBHO - No File

BHO-X64: KeyScramblerBHO Class: {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll

BHO-X64: QFX Software KeyScrambler - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

mRun-x64: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

.

============= SERVICES / DRIVERS ===============

.

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-11-2 90112]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 Giraffic;Veoh Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service [?]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-9 652872]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-26 2214504]

R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-29 275968]

R3 KeyScrambler;KeyScrambler;C:\Windows\system32\drivers\keyscrambler.sys --> C:\Windows\system32\drivers\keyscrambler.sys [?]

R3 LgBttPort;LGE Bluetooth TransPort;C:\Windows\system32\DRIVERS\lgbtpt64.sys --> C:\Windows\system32\DRIVERS\lgbtpt64.sys [?]

R3 lgbusenum;LG Bluetooth Bus Enumerator;C:\Windows\system32\DRIVERS\lgbtbs64.sys --> C:\Windows\system32\DRIVERS\lgbtbs64.sys [?]

R3 LGVMODEM;LGE Virtual Modem;C:\Windows\system32\DRIVERS\lgvmdm64.sys --> C:\Windows\system32\DRIVERS\lgvmdm64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\system32\DRIVERS\lgandbus64.sys --> C:\Windows\system32\DRIVERS\lgandbus64.sys [?]

S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\system32\DRIVERS\lganddiag64.sys --> C:\Windows\system32\DRIVERS\lganddiag64.sys [?]

S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\system32\DRIVERS\lgandgps64.sys --> C:\Windows\system32\DRIVERS\lgandgps64.sys [?]

S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\system32\DRIVERS\lgandmodem64.sys --> C:\Windows\system32\DRIVERS\lgandmodem64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-12-23 20:54:32 -------- d-----w- C:\Users\Gilbert\AppData\Roaming\QFX Software

2011-12-23 20:54:32 -------- d-----w- C:\ProgramData\QFX Software

2011-12-23 20:03:51 222904 ----a-w- C:\Windows\System32\drivers\keyscrambler.sys

2011-12-23 20:03:50 -------- d-----w- C:\Program Files (x86)\KeyScrambler

2011-12-23 19:59:12 -------- d-----w- C:\Users\Gilbert\AppData\Roaming\Malwarebytes

2011-12-23 19:59:04 -------- d-----w- C:\ProgramData\Malwarebytes

2011-12-23 19:59:01 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-12-23 19:59:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

.

==================== Find3M ====================

.

2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys

2011-11-05 05:26:29 1197568 ----a-w- C:\Windows\System32\wininet.dll

2011-11-05 05:23:10 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2011-11-05 05:17:42 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-11-05 04:35:50 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-11-05 04:34:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2011-11-05 04:30:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-11-05 04:07:32 482816 ----a-w- C:\Windows\System32\html.iec

2011-11-05 03:28:41 386048 ----a-w- C:\Windows\SysWow64\html.iec

2011-11-05 03:25:44 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-11-05 02:55:38 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-10-26 05:19:07 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2011-10-15 06:25:12 723456 ----a-w- C:\Windows\System32\EncDec.dll

2011-10-15 05:48:52 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

.

============= FINISH: 1:44:51.73 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume2

Install Date: 11/2/2009 1:23:06 PM

System Uptime: 1/9/2012 5:14:24 PM (8 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P6T SE

Processor: Intel® Core i7 CPU 920 @ 2.67GHz | LGA1366 | 2668/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 2.69 GiB free.

D: is CDROM (CDFS)

E: is FIXED (NTFS) - 279 GiB total, 33.187 GiB free.

H: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

7-Zip 4.65

AC3Filter 1.63b

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Reader 9.4.5

ASUS nVidia Driver

BabasChess

Baldur's Gate

BitSpirit v3.6.0.362 Stable

Character Builder

Chessmaster 10th Edition

Chessmaster 9000

Chessmaster Grandmaster Edition

Command & Conquer The First Decade

Constructor

Deep Rybka 3

Driver Sweeper version 3.1.0

EPU-6 Engine

erLT

EVGA Precision 2.0.3

GOG.com Downloader

GPGNet

Hiarcs 7.32

Java Auto Updater

Java 6 Update 22

JMicron JMB36X Driver

KeyScrambler

LG Bluetooth Drivers

LG On-Screen Phone

LG PC Suite IV

LG United Mobile Drivers

Malwarebytes Anti-Malware version 1.60.0.1800

Microsoft Choice Guard

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office Standard Edition 2003

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

Mumble and Murmur

NVIDIA Performance

NVIDIA PhysX

NVIDIA System Monitor

NVIDIA System Update

oZone3D.Net FurMark v1.8.2

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek 8136 8168 8169 Ethernet Driver

Realtek High Definition Audio Driver

RealUpgrade 1.1

Resident Evil 4 1.10

RESIDENT EVIL 5

Rybka 4

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

SpeedFan (remove only)

Starcraft

StarCraft II

Supreme Commander

System Requirements Lab for Intel

Total Annihilation

TurboV

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Ventrilo Client

Veoh Giraffic Video Accelerator

Veoh Web Player

VLC media player 1.1.0

WinDjView 1.0.3

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Live Sign-in Assistant

Windows Live Upload Tool

World of Warcraft

.

==== Event Viewer Messages From Past Week ========

.

1/9/2012 5:57:57 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.1 with the system having network hardware address 00-26-75-55-AB-72. Network operations on this system may be disrupted as a result.

1/9/2012 5:15:17 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: EIO_XP

1/9/2012 5:07:10 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

.

==== End Of File ===========================

Link to post
Share on other sites

  • 1 month later...
  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.