Jump to content

Need help with malware

Recommended Posts

DDS (Ver_10-03-17.01) - FAT32x86

Run by Usuario at 0:48:00,20 on 26/07/2010

Internet Explorer: 6.0.2900.5512

Microsoft Windows XP Home Edition 5.1.2600.3.1252.34.3082.18.958.451 [GMT 2:00]

AV: avast! Antivirus *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch


C:\WINDOWS\System32\svchost.exe -k netsvcs




C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe


C:\Archivos de programa\Synaptics\SynTP\SynTPLpr.exe

C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe





C:\Archivos de programa\Arcade\PCMService.exe

C:\Archivos de programa\Launch Manager\QtZgAcer.EXE


C:\Archivos de programa\iTunes\iTunesHelper.exe


C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe

C:\Archivos de programa\Messenger\msmsgs.exe




C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Archivos de programa\Bonjour\mDNSResponder.exe

C:\Archivos de programa\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc


C:\Archivos de programa\iPod\bin\iPodService.exe



C:\Archivos de programa\Mozilla Firefox\firefox.exe

C:\Archivos de programa\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Usuario\Mis documentos\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.es/

mDefault_Page_URL = hxxp://global.acer.com

mStart Page = hxxp://search.myheritage.com

uInternet Connection Wizard,ShellNext = hxxp://www.symantec.com/techsupp/servlet/ProductMessages?module=2010&error=0&language=es&product=SymNRT&version=2010.0.0.98&build=Symantec

uInternet Settings,ProxyOverride = <local>;*.local

uInternet Settings,ProxyServer = http=

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\archivos de programa\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\archivos de programa\java\jre6\bin\ssv.dll

BHO: Windows Live Aplicaci



Link to post
Share on other sites

  • Staff


First of all, please update MalwareBytes, because the databaseversion is outdated.

  • Start MalwareBytes and click the Update tab. There click "Check for updates"
  • Once the updates are downloaded, perform a quick scan again.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply along with a fresh HijackThis log, then we'll proceed from there with new steps.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.