
mbsbscan.exe


Firefox


I know this is not a false positive while using Malwarebytes, but it is one of your files being targeted or detected. This is with RogueKiller app v10.5.8. You guys may want to contact them about it. This is during a prescan.

RogueKiller Log: if needed...
RogueKiller V10.5.8.0 (x64) [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : owner [Administrator]
Started from : L:\Flash Drives\128GB Flash Drive Backup\Tech CD\Utils\Ad Aware\Bleeping Computer Stuff\RogueKiller by tigzy\RogueKillerX64 V10.5.8.exe
Mode : Scan -- Date : 03/30/2015 11:10:32

¤¤¤ Processes : 1 ¤¤¤
[Tr.Zeus] mbsbscan.exe(9528) -- C:\Program Files (x86)\Malwarebytes Secure Backup\mbsbscan.exe[7] -> Killed [TermProc]


¤¤¤ Registry : 9 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 36 ¤¤¤

¤¤¤ Antirootkit : 52 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] hcdjlx88.default : user_pref("browser.startup.homepage", "http://www.bleepingcomputer.com/forums/|https://forums.malwarebytes.org/|http://www.systemlookup.com/");-> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ATA TOSHIBA DT01ACA2 SCSI Disk Device +++++
--- User ---
[MBR] 9a58401060fd78b7ced0042be99fe3e8
[bSP] a4478fcfe5b4c86f09d53598ed58a5e2 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 81920 | Size: 750 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1617920 | Size: 367112 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 753463296 | Size: 1539826 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )

+++++ PhysicalDrive1: ATA TOSHIBA DT01ACA2 SCSI Disk Device +++++
--- User ---
[MBR] d4ecfbd1a1d3c4917af6d6d28c8c95d7
[bSP] 6f5fe8da57fa68252ca31cc6e5d209fd : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Incorrect function. )

+++++ PhysicalDrive2: Kanguru SS3 USB Device +++++
--- User ---
[MBR] 94f9443d96441ecfcdafb5853a2e8a7e
[bSP] 39eaafe8c7c2f2a60c9df4ab5a671e21 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 120348 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive6: Generic- M.S./M.S.Pro/HG USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
