Jump to content

epoclick&google.analytics Problems


Recommended Posts

At first sorry for my bad english.

I've got a problem with Malware,it opens epoclick.com and some pages can't be loaded because of google.analytics which is loading all the time.

I reinstalled my system already but its still ther.

I dont know what to do.

Thanks for your help,

David

DDS (Ver_10-10-21.02) - NTFSx86

Run by David at 22:55:19,41 on 23.10.2010

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.2943.1663 [GMT 2:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\Explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\explorer.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\David\Downloads\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

================= FIREFOX ===================

FF - ProfilePath - c:\users\david\appdata\roaming\mozilla\firefox\profiles\wn9texhj.default\

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2010-10-23 135336]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-10-23 267432]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-10-23 60936]

R3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]

S?4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-10-23 38224]

S3 530B8074;530B8074;c:\windows\system32\530B8074.exe [2010-10-23 6656]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

=============== Created Last 30 ================

2010-10-23 20:18:09 -------- d-----w- c:\windows\Panther

2010-10-23 20:17:56 -------- d-----w- C:\Boot

2010-10-23 20:07:50 -------- d-sh--w- C:\$RECYCLE.BIN

2010-10-23 20:05:37 98816 ----a-w- c:\windows\sed.exe

2010-10-23 20:05:37 77312 ----a-w- c:\windows\MBR.exe

2010-10-23 20:05:37 256512 ----a-w- c:\windows\PEV.exe

2010-10-23 20:05:37 161792 ----a-w- c:\windows\SWREG.exe

2010-10-23 20:05:32 -------- d-----w- C:\Combo-Fix

2010-10-23 20:03:39 6656 ----a-w- c:\windows\system32\530B8074.exe

2010-10-23 19:58:18 -------- d-----w- c:\program files\EMET

2010-10-23 19:52:23 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{66a3918c-2c7f-4816-bc74-6493f6dab271}\mpengine.dll

2010-10-23 19:52:23 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-23 19:46:18 -------- d-----w- c:\users\david\appdata\local\Mozilla

2010-10-23 19:42:58 -------- d-----w- c:\users\david\appdata\roaming\Malwarebytes

2010-10-23 19:42:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-10-23 19:42:51 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-10-23 19:42:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-10-23 19:42:51 -------- d-----w- c:\progra~2\Malwarebytes

2010-10-23 19:41:19 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-10-23 19:41:18 -------- d-----w- c:\program files\Avira

2010-10-23 19:41:18 -------- d-----w- c:\progra~2\Avira

2010-10-23 19:37:50 -------- d-sh--w- c:\windows\Installer

2010-10-23 19:32:35 -------- d-sh--we C:\Programme

Attach.zip.zip

Link to post
Share on other sites

Hello David! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Link to post
Share on other sites

Hello David! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Thx.

Updating doesn't work I get this Message:

MBMA_ERROR_UPDATING (12007,0,WinHttpSendRequest)

Link to post
Share on other sites

Thx.

Updating doesn't work I get this Message:

MBMA_ERROR_UPDATING (12007,0,WinHttpSendRequest)

The Logfile,without update of MBMA

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Datenbank Version: 4052

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

23.10.2010 23:10:57

mbam-log-2010-10-23 (23-10-57).txt

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 110133

Laufzeit: 1 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschl

Link to post
Share on other sites

Please download and run the traceroute utility at this link. It will run a traceroute to our update servers to see if it can find the connection issue, and then it will write it to a log, and open that log in Notepad when it is done. Please either save the log as a Text File and then attach it to a reply, or copy and paste it into a reply, and I will forward it on to our server guy.

Note that it may take several minutes to run, and it may look like it is not doing anything for a few minutes. Normally it takes longer when there are errors that it has to log, but it's rare for it to go more than 10 minutes.

Link to post
Share on other sites

Please download and run the traceroute utility at this link. It will run a traceroute to our update servers to see if it can find the connection issue, and then it will write it to a log, and open that log in Notepad when it is done. Please either save the log as a Text File and then attach it to a reply, or copy and paste it into a reply, and I will forward it on to our server guy.

Note that it may take several minutes to run, and it may look like it is not doing anything for a few minutes. Normally it takes longer when there are errors that it has to log, but it's rare for it to go more than 10 minutes.

Here is the Log:

Traceroute Malwarebytes CDN version 1.5

24.10.2010

10:13:38,34

Phase #1

Tracerouting: data-cdn.mbamupdates.com

Der Zielname data-cdn.mbamupdates.com konnte nicht aufgel

Link to post
Share on other sites

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Link to post
Share on other sites

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Hi,i still can't update MBAM.

"MBMA_ERROR_UPDATING (12007,0,WinHttpSendRequest)"

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.