
Here are the logs, per instructions:

Malwarebytes' Anti-Malware 1.44

Database version: 3510

Windows 5.1.2600 Service Pack 2

Internet Explorer 6.0.2900.2180

2/10/2010 8:00:34 PM

mbam-log-2010-02-10 (20-00-34).txt

Scan type: Quick Scan

Objects scanned: 179957

Time elapsed: 10 minute(s), 5 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS (Ver_09-12-01.01) - FAT32x86

Run by Mike at 19:33:29.18 on Wed 02/10/2010

Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_07

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.991.722 [GMT -8:00]

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

SVCHOST.EXE

C:\WINDOWS\System32\svchost.exe -k netsvcs

SVCHOST.EXE

SVCHOST.EXE

C:\WINDOWS\system32\spoolsv.exe

SVCHOST.EXE

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Messenger\msmsgs.exe

E:\Program Files\WinZip\WZQKPICK.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\explorer.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Documents and Settings\Mike.WICKHAMONE\Local Settings\Temporary Internet Files\Content.IE5\8J4ZIB61\dds[1].scr

============== Pseudo HJT Report ===============

mSearch Bar = hxxp://www.google.com/ie

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll

BHO: WsftpBrowserHelper Class: {601ed020-fb6c-11d3-87d8-0050da59922b} - c:\program files\ws_ftp pro\wsbho2k0.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [gmusyucp] c:\documents and settings\mike.wickhamone\local settings\application data\uakpsw\lewpsftav.exe

mRun: [VTTimer] VTTimer.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [soundMan] SOUNDMAN.EXE

mRun: [gmusyucp] c:\documents and settings\mike.wickhamone\local settings\application data\uakpsw\lewpsftav.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - e:\program files\winzip\WZQKPICK.EXE

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156183759359

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R2 BsUDFRDR;BsUDFRDR;c:\windows\system32\drivers\bsudfrdr.sys [2006-2-7 259096]

R3 NeroCd2k;NeroCd2k;c:\windows\system32\drivers\NeroCD2k.sys [2001-4-16 44227]

S0 vkquwexg;vkquwexg;c:\windows\system32\drivers\combo-fix.sys --> c:\windows\system32\drivers\Combo-Fix.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-6 135664]

S3 S3chipid;S3chipid;\??\c:\docume~1\mike~1.wic\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\s3chipid.sys --> c:\docume~1\mike~1.wic\locals~1\temp\{2b43252c-a1e3-4c47-927c-9f2c276d3515}\S3chipid.sys [?]

S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2006-8-22 392824]

S4 BsUDF;BsUDF;c:\windows\system32\drivers\bsudf.sys [2006-2-7 291785]

=============== Created Last 30 ================

2010-02-11 03:32:21 0 ----a-w- c:\documents and settings\mike.wickhamone\defogger_reenable

2010-02-11 00:13:22 0 d-sh--w- C:\FOUND.000

2010-02-10 00:55:43 0 d--h--w- c:\windows\PIF

2010-02-04 00:01:14 0 d-sh--w- C:\FOUND.043

==================== Find3M ====================

2010-01-08 00:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-01-08 00:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-12-31 16:14:12 352640 ----a-w- c:\windows\system32\drivers\srv.sys

2009-12-31 16:14:12 352640 ----a-w- c:\windows\system32\dllcache\srv.sys

2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\mspaint.exe

2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\dllcache\mspaint.exe

2009-12-16 12:57:08 18432 ----a-w- c:\windows\system32\dllcache\iedw.exe

2009-12-14 07:35:36 33280 ----a-w- c:\windows\system32\dllcache\csrsrv.dll

2009-12-14 07:35:36 33280 ----a-w- c:\windows\system32\csrsrv.dll

2009-12-08 18:55:26 2180352 ----a-w- c:\windows\system32\ntoskrnl.exe

2009-12-08 18:55:26 2180352 ------w- c:\windows\system32\dllcache\ntoskrnl.exe

2009-12-08 18:53:08 2136064 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe

2009-12-08 18:19:32 2057728 ----a-w- c:\windows\system32\ntkrnlpa.exe

2009-12-08 18:19:32 2057728 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe

2009-12-08 18:19:32 2015744 ------w- c:\windows\system32\dllcache\ntkrpamp.exe

2009-12-08 09:13:52 474112 ----a-w- c:\windows\system32\dllcache\shlwapi.dll

2009-12-04 14:41:56 453760 ------w- c:\windows\system32\dllcache\mrxsmb.sys

2009-11-27 17:33:36 17920 ----a-w- c:\windows\system32\msyuv.dll

2009-11-27 17:33:36 17920 ------w- c:\windows\system32\dllcache\msyuv.dll

2009-11-27 17:33:36 1291264 ----a-w- c:\windows\system32\quartz.dll

2009-11-27 17:33:36 1291264 ----a-w- c:\windows\system32\dllcache\quartz.dll

2009-11-27 16:37:28 8704 ----a-w- c:\windows\system32\tsbyuv.dll

2009-11-27 16:37:28 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll

2009-11-27 16:37:28 84992 ----a-w- c:\windows\system32\dllcache\avifil32.dll

2009-11-27 16:37:28 84992 ----a-w- c:\windows\system32\avifil32.dll

2009-11-27 16:37:28 48128 ----a-w- c:\windows\system32\iyuv_32.dll

2009-11-27 16:37:28 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll

2009-11-27 16:37:28 28672 ----a-w- c:\windows\system32\msvidc32.dll

2009-11-27 16:37:28 28672 ----a-w- c:\windows\system32\dllcache\msvidc32.dll

2009-11-27 16:37:28 11264 ----a-w- c:\windows\system32\msrle32.dll

2009-11-27 16:37:28 11264 ----a-w- c:\windows\system32\dllcache\msrle32.dll

2009-11-21 16:36:14 470528 ----a-w- c:\windows\system32\dllcache\aclayers.dll

2006-02-19 01:28:18 774144 ----a-w- c:\program files\RngInterstitial.dll

2006-01-01 22:29:38 271 --sh--w- c:\program files\desktop.ini

2006-01-01 22:29:38 23357 ---h--w- c:\program files\folder.htt

============= FINISH: 19:34:09.07 ===============
