Jump to content

Rootkit on computer. :\

Recommended Posts

Since last night, I been having random IP blocks from Malwarebytes. Also, it's bring up different websites and redirect my google searches.

Malwarebytes' Anti-Malware


Database version: 6830

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/10/2011 6:26:12 PM

mbam-log-2011-06-10 (18-26-12).txt

Scan type: Quick scan

Objects scanned: 183256

Time elapsed: 28 minute(s), 47 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


DDS (Ver_2011-06-11.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_14

Run by KJ at 18:57:15 on 2011-06-10

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.67 [GMT -5:00]


AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: AVG Firewall *Disabled*


============== Running Processes ===============


C:\WINDOWS\system32\svchost -k DcomLaunch


c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup






C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe


C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\ShortKeys2\shklite.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe


C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG10\avgfws.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe


C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Java\jre6\bin\jucheck.exe


============== Pseudo HJT Report ===============


uStart Page = hxxp://www.yahoo.com/

uInternet Settings,ProxyOverride = *.local

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.