keylogger! here's my mbam log


Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.01.08

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

myke :: MIKI [administrator]

Protection: Enabled

7/1/2012 4:27:54 PM

mbam-log-2012-07-01 (16-46-28).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 273097

Time elapsed: 14 minute(s), 49 second(s)

Memory Processes Detected: 1

C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> 1628 -> No action taken.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 36

HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.BundleInstaller.IB) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (PUP.BundleInstaller.IB) -> No action taken.

HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.

HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> No action taken.

HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> No action taken.

HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken.

HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> No action taken.

HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> No action taken.

HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> No action taken.

HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> No action taken.

HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> No action taken.

HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> No action taken.

HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> No action taken.

HKCU\Software\DC3_FEXEC (Malware.Trace) -> No action taken.

HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> No action taken.

HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.

HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.

HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.

HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> No action taken.

HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken.

Registry Values Detected: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 6

C:\Program Files\I Want This (Adware.GamePlayLab) -> No action taken.

C:\Users\myke\AppData\Roaming\dclogs (Stolen.Data) -> No action taken.

C:\Users\myke\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> No action taken.

C:\Users\myke\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> No action taken.

C:\Users\myke\AppData\Local\I Want This (Adware.GamePlayLab) -> No action taken.

C:\Users\myke\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> No action taken.

Files Detected: 30

C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> No action taken.

C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLabs) -> No action taken.

C:\Users\myke\AppData\Local\Temp\javav.exe (PUP.HackTool.ACGen) -> No action taken.

C:\Users\myke\Downloads\Converterlite.exe (PUP.BundleInstaller.OI) -> No action taken.

C:\Users\myke\Downloads\SoftonicDownloader_for_world-of-warcraft.exe (PUP.ToolbarDownloader) -> No action taken.

C:\Users\myke\Downloads\DownloadManager_Setup (1).exe (PUP.Bundle.Installer.OI) -> No action taken.

C:\Users\myke\Downloads\DownloadManager_Setup.exe (PUP.Bundle.Installer.OI) -> No action taken.

C:\Users\myke\Downloads\epicbot.exe (PUP.BundleOffers.IIQ) -> No action taken.

C:\Users\myke\Downloads\epicbot_520 (1).exe (PUP.BundleOffers.IIQ) -> No action taken.

C:\Users\myke\Downloads\epicbot_520 (2).exe (PUP.BundleOffers.IIQ) -> No action taken.

C:\Users\myke\Downloads\epicbot_520 (3).exe (PUP.BundleOffers.IIQ) -> No action taken.

C:\Users\myke\Downloads\epicbot_520.exe (PUP.BundleOffers.IIQ) -> No action taken.

C:\Users\Steven\Local Settings\Temporary Internet Files\Content.IE5\8VCK7IYA\PlayPickle_truste.exe (PUP.BundleInstaller.OI) -> No action taken.

C:\Users\Steven\Local Settings\Temporary Internet Files\Content.IE5\GA7SFAUP\GameWrangler.exe (PUP.BundleInstaller.OI) -> No action taken.

C:\Users\myke\AppData\Local\Temp\file2.exe (Trojan.Agent.Gen) -> No action taken.

C:\Program Files\I Want This\I Want This.ini (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\appAPIinternalWrapper.js (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\fb.js (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\I Want This.exe (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\I Want This.ico (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\jquery.js (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\json.js (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\Uninstall.exe (Adware.GamePlayLab) -> No action taken.

C:\Users\myke\AppData\Roaming\dclogs\2012-06-30-7.dc (Stolen.Data) -> No action taken.

C:\Users\myke\AppData\Roaming\dclogs\2012-07-01-1.dc (Stolen.Data) -> No action taken.

C:\Users\myke\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken.

C:\Users\myke\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken.

C:\Program Files\I Want This\I Want This.dll (PUP.GamePlayLab) -> No action taken.

(end)


Hello ihaveakeylogger and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please follow the instructions here and post the log files in your next reply:

http://forums.malwarebytes.org/index.php?showtopic=9573


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
