Jump to content

Malware problems...Total crash!


Recommended Posts

My computer recntly encountered a virus that i cannot contain on my own! I've followed the directions from all the other forum's pages that lead me to here...I was able to get a HJT report but i cannot get Malware to open so there is not one for that sorry.....

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:00:46 PM, on 8/14/2011

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16839)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=e527&r=27361110l225l0454z1j5r45j2r209

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.charter.net/google/index.php?q=

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=e527&r=27361110l225l0454z1j5r45j2r209

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=e527&r=27361110l225l0454z1j5r45j2r209

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Powered by Charter Communications

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (file missing)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (file missing)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll

O3 - Toolbar: @c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (file missing)

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [bing Bar] "c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\mswinext.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [iCQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [security Protection] C:\ProgramData\defender.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O13 - Gopher Prefix:

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SeaPort - Unknown owner - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer Group - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11520 bytes

Link to post
Share on other sites

I also tried this to get Malware to run but there wasn't a TDSSserv.sys...maybe because this is in 08 and i'm runnin W7!

Welcome to Malwarebytes

Please try the following routine to see if you can get Malwarebytes to run.

Click on Start, click Run, and then type devmgmt.msc and click OK

On the View menu click on Show hidden devices

Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys

Highlight that driver and right click on it and select DISABLE

Now RESTART your computer.

Download a copy of Malwarebytes but DO NOT run it yet.

Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.

Once the program is installed go to the UPDATE tab and try to update the program if you can.

Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found

Link to post
Share on other sites

Finally got the free anti-virus downloaded and installed hre is the report.....

Avira AntiVir Personal

Report file date: Sunday, August 14, 2011 22:36

Scanning for 3375460 virus strains and unwanted programs.

The program is running as an unrestricted full version.

Online services are available:

Licensee : Avira AntiVir Personal - Free Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows 7 x64

Windows version : (plain) [6.1.7600]

Boot mode : Normally booted

Username : Chris

Computer name : CRIZZO-PC

Version information:

BUILD.DAT : 10.0.0.652 31824 Bytes 7/20/2011 16:49:00

AVSCAN.EXE : 10.0.4.2 442024 Bytes 7/20/2011 16:30:06

AVSCAN.DLL : 10.0.3.0 46440 Bytes 7/20/2011 16:30:45

LUKE.DLL : 10.0.3.2 104296 Bytes 7/20/2011 16:30:32

LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49

VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36

VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 12:53:55

VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 12:53:56

VBASE003.VDF : 7.11.5.225 1980416 Bytes 4/7/2011 16:30:38

VBASE004.VDF : 7.11.8.178 2354176 Bytes 5/31/2011 16:30:40

VBASE005.VDF : 7.11.10.251 1788416 Bytes 7/7/2011 16:30:41

VBASE006.VDF : 7.11.10.252 2048 Bytes 7/7/2011 16:30:41

VBASE007.VDF : 7.11.10.253 2048 Bytes 7/7/2011 16:30:41

VBASE008.VDF : 7.11.10.254 2048 Bytes 7/7/2011 16:30:41

VBASE009.VDF : 7.11.10.255 2048 Bytes 7/7/2011 16:30:41

VBASE010.VDF : 7.11.11.0 2048 Bytes 7/7/2011 16:30:41

VBASE011.VDF : 7.11.11.1 2048 Bytes 7/7/2011 16:30:41

VBASE012.VDF : 7.11.11.2 2048 Bytes 7/7/2011 16:30:41

VBASE013.VDF : 7.11.11.75 688128 Bytes 7/12/2011 16:30:41

VBASE014.VDF : 7.11.11.104 978944 Bytes 7/13/2011 16:30:42

VBASE015.VDF : 7.11.11.137 655360 Bytes 7/14/2011 16:30:42

VBASE016.VDF : 7.11.11.184 699392 Bytes 7/18/2011 03:34:14

VBASE017.VDF : 7.11.11.214 414208 Bytes 7/19/2011 03:34:17

VBASE018.VDF : 7.11.11.242 772096 Bytes 7/20/2011 03:34:22

VBASE019.VDF : 7.11.12.3 1291776 Bytes 7/20/2011 03:34:31

VBASE020.VDF : 7.11.12.30 844288 Bytes 7/21/2011 03:34:37

VBASE021.VDF : 7.11.12.67 149504 Bytes 7/24/2011 03:34:38

VBASE022.VDF : 7.11.12.93 195072 Bytes 7/25/2011 03:34:39

VBASE023.VDF : 7.11.12.113 150528 Bytes 7/26/2011 03:34:39

VBASE024.VDF : 7.11.12.152 182784 Bytes 7/28/2011 03:34:40

VBASE025.VDF : 7.11.12.181 117760 Bytes 8/1/2011 03:34:41

VBASE026.VDF : 7.11.12.205 148480 Bytes 8/3/2011 03:34:43

VBASE027.VDF : 7.11.12.229 252928 Bytes 8/5/2011 03:34:44

VBASE028.VDF : 7.11.12.243 134656 Bytes 8/8/2011 03:34:45

VBASE029.VDF : 7.11.13.14 164864 Bytes 8/11/2011 03:34:46

VBASE030.VDF : 7.11.13.15 2048 Bytes 8/11/2011 03:34:46

VBASE031.VDF : 7.11.13.38 247296 Bytes 8/14/2011 03:34:47

Engineversion : 8.2.6.30

AEVDF.DLL : 8.1.2.1 106868 Bytes 4/21/2011 12:53:28

AESCRIPT.DLL : 8.1.3.74 1622393 Bytes 8/15/2011 03:35:04

AESCN.DLL : 8.1.7.2 127349 Bytes 4/21/2011 12:53:27

AESBX.DLL : 8.2.1.34 323957 Bytes 7/20/2011 16:29:54

AERDL.DLL : 8.1.9.13 639349 Bytes 7/20/2011 16:29:53

AEPACK.DLL : 8.2.9.5 676214 Bytes 7/20/2011 16:29:53

AEOFFICE.DLL : 8.1.2.13 201083 Bytes 8/15/2011 03:35:01

AEHEUR.DLL : 8.1.2.153 3678584 Bytes 8/15/2011 03:35:00

AEHELP.DLL : 8.1.17.7 254327 Bytes 8/15/2011 03:34:51

AEGEN.DLL : 8.1.5.7 401778 Bytes 8/15/2011 03:34:51

AEEMU.DLL : 8.1.3.0 393589 Bytes 4/21/2011 12:53:14

AECORE.DLL : 8.1.22.4 196983 Bytes 7/20/2011 16:29:42

AEBB.DLL : 8.1.1.0 53618 Bytes 4/21/2011 12:53:14

AVWINLL.DLL : 10.0.0.0 19304 Bytes 4/21/2011 12:53:36

AVPREF.DLL : 10.0.0.0 44904 Bytes 7/20/2011 16:30:04

AVREP.DLL : 10.0.0.8 62209 Bytes 7/20/2011 16:30:04

AVREG.DLL : 10.0.3.2 53096 Bytes 7/20/2011 16:30:04

AVSCPLR.DLL : 10.0.4.2 84840 Bytes 7/20/2011 16:30:06

AVARKT.DLL : 10.0.22.6 231784 Bytes 7/20/2011 16:29:58

AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 7/20/2011 16:30:03

SQLITE3.DLL : 3.6.19.0 355688 Bytes 7/20/2011 21:40:24

AVSMTP.DLL : 10.0.0.17 63848 Bytes 4/21/2011 12:53:36

NETNT.DLL : 10.0.0.0 11624 Bytes 4/21/2011 12:53:46

RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 7/20/2011 16:30:48

RCTEXT.DLL : 10.0.58.0 97128 Bytes 7/20/2011 16:30:48

Configuration settings for the scan:

Jobname.............................: Short system scan after installation

Configuration file..................: c:\program files (x86)\avira\antivir desktop\setupprf.dat

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: off

Integrity checking of system files..: off

Scan all files......................: Intelligent file selection

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

Start of the scan: Sunday, August 14, 2011 22:36

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'avconfig.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'setup.exe' - '1' Module(s) have been scanned

Scan process 'presetup.exe' - '1' Module(s) have been scanned

Scan process 'avira_antivir_personal_en[1].exe' - '1' Module(s) have been scanned

Scan process 'iexplore.exe' - '1' Module(s) have been scanned

Scan process 'FlashUtil10l_ActiveX.exe' - '1' Module(s) have been scanned

Scan process 'iexplore.exe' - '1' Module(s) have been scanned

Scan process 'iexplore.exe' - '1' Module(s) have been scanned

Scan process 'ping.exe' - '1' Module(s) have been scanned

Scan process 'LMworker.exe' - '1' Module(s) have been scanned

Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned

Scan process 'jusched.exe' - '1' Module(s) have been scanned

Scan process 'AvastUI.exe' - '1' Module(s) have been scanned

Scan process 'LManager.exe' - '1' Module(s) have been scanned

Scan process 'IAStorIcon.exe' - '1' Module(s) have been scanned

Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned

Scan process 'IAStorDataMgrSvc.exe' - '1' Module(s) have been scanned

Scan process 'UpdaterService.exe' - '1' Module(s) have been scanned

Scan process 'SchedulerSvc.exe' - '1' Module(s) have been scanned

Scan process 'ICQ Service.exe' - '1' Module(s) have been scanned

Scan process 'GREGsvc.exe' - '1' Module(s) have been scanned

Scan process 'dsiwmis.exe' - '1' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned

Scan process 'AvastSvc.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:

Master boot sector HD0

[DETECTION] Contains code of the BOO/TDss.M boot sector virus

[NOTE] The boot sector was not written!

Start scanning boot sectors:

Starting to scan executable files (registry).

The registry was scanned ( '811' files ).

End of the scan: Sunday, August 14, 2011 22:37

Used time: 01:04 Minute(s)

The scan has been done completely.

0 Scanned directories

1401 Files were scanned

1 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

1401 Files not concerned

6 Archives were scanned

0 Warnings

1 Notes

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Rename MBAM.exe to iexplore.exe and see if it will run; if no joy, try iexplore.com

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

Link to post
Share on other sites

  • 3 weeks later...
  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.