Jump to content

xrayrollins

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hey folks, I downloaded that bad winrar and I'm sick with intervalhehehe. Before I go to the doctor for some major drugs, I thought I'd ask you first. I can't access Google, Myspace, or Facebook among others. Here are my logs. Heeelp! Thanks, Chris Malwarebytes' Anti-Malware 1.30 Database version: 1452 Windows 6.0.6001 Service Pack 1 12/2/2008 7:32:44 PM mbam-log-2008-12-02 (19-32-44).txt Scan type: Quick Scan Objects scanned: 42701 Time elapsed: 1 minute(s), 11 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ;******************************************************************************* ******************************************************************************** * ******************* ANALYSIS: 2008-12-03 08:07:47 PROTECTIONS: 1 MALWARE: 1 SUSPECTS: 1 ;******************************************************************************* ******************************************************************************** * ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================ = =================== Norton Internet Security 15.5.0.23 Yes Yes ;=============================================================================== ================================================================================ = =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================ = =================== 02083437 Generic Malware Virus/Trojan No 0 Yes Yes C:\Users\Chris\Pictures\p\office\Extras\MathType 5.1\mtype_v5_1_keygen.exe 02083437 Generic Malware Virus/Trojan No 0 Yes Yes C:\Users\Chris\Desktop\p\office\Extras\MathType 5.1\mtype_v5_1_keygen.exe ;=============================================================================== ================================================================================ = =================== SUSPECTS Sent Location h e C5 ;=============================================================================== ================================================================================ = =================== Yes C:\Users\Chris\AppData\Local\Temp\IXP000.TMP\explore.exe h e C5 ;=============================================================================== ================================================================================ = =================== VULNERABILITIES Id Severity Description h e C5 ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:33:16 PM, on 12/2/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files (x86)\BitComet\BitComet.exe C:\hp\support\hpsysdrv.exe C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Arovax AntiSpyware\ArovaxAntiSpyware.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Chris\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O1 - Hosts: 61.157.217.210 www.yahoo.com O1 - Hosts: 61.157.217.210 www.google.com O1 - Hosts: 61.157.217.210 www.google.co.uk O1 - Hosts: 61.157.217.210 www.myspace.com O1 - Hosts: 61.157.217.210 www.youtube.com O1 - Hosts: 61.157.217.210 www.facebook.com O1 - Hosts: 61.157.217.210 www.antispy.com O1 - Hosts: 61.157.217.210 www.yahoo.com O1 - Hosts: 61.157.217.210 www.yahoo.co.uk O1 - Hosts: 61.157.217.210 www.antispyware.com O1 - Hosts: 61.157.217.210 antispyware.com O1 - Hosts: 61.157.217.210 antispy.com O1 - Hosts: 61.157.217.210 www.msn.com O1 - Hosts: 123.251.143.110 www.asdfasdfd.com O1 - Hosts: 123.251.143.110 www.gg.com O1 - Hosts: 123.251.143.110 www.ghfhj.com O1 - Hosts: 123.251.143.110 www.cvnbcvnb.com O1 - Hosts: 123.251.143.110 www.1.com O1 - Hosts: 123.251.143.110 www.3.com O1 - Hosts: 123.251.143.110 www.asdf4asdfd.com O1 - Hosts: 123.251.143.110 www.asdfawsdfd.com O1 - Hosts: 123.251.143.110 www.asdfatsdfd.com O1 - Hosts: 123.251.143.110 www.asdfasdfd.com O1 - Hosts: 123.251.143.110 www.asdfadsdfd.com O1 - Hosts: 123.251.143.110 www.asdfasdfd.com O1 - Hosts: 123.251.143.110 www.asdfafsdfd.com O1 - Hosts: 123.251.143.110 www.asdfasdfd.com O1 - Hosts: 123.251.143.110 www.asdfagsdfd.com O1 - Hosts: 123.251.143.110 www.asdfasgdfd.com O1 - Hosts: 123.251.143.110 www.asdfasdhfd.com O1 - Hosts: 123.251.143.110 www.asdfasdfjd.com O1 - Hosts: 123.251.143.110 www.asdfasdfkd.com O1 - Hosts: 123.251.143.110 www.asdfasdfld.com O1 - Hosts: 123.251.143.110 www.asdfasdf,d.com O1 - Hosts: 123.251.143.110 www.asxdfasdfd.com O1 - Hosts: 123.251.143.110 www.asdzfasdfd.com O1 - Hosts: 123.251.143.110 www.asdcfasdfd.com O1 - Hosts: 123.251.143.110 www.asdfvasdfd.com O1 - Hosts: 123.251.143.110 www.asdfabsdfd.com O1 - Hosts: 123.251.143.110 www.asdfasndfd.com O1 - Hosts: 123.251.143.110 www.asdfasdmfd.com O1 - Hosts: 123.251.143.110 www.asdfasdfd.com O1 - Hosts: 123.251.143.110 www.11asdfasdfd.com O1 - Hosts: 123.251.143.110 www.as222dfasdfd.com O1 - Hosts: 123.251.143.110 www.asdfa33sdfd.com O1 - Hosts: 123.251.143.110 www.asdfasd44fd.com O1 - Hosts: 123.251.143.110 www.asdfasdfd5.com O1 - Hosts: 123.251.143.110 www.as66dfasdfd.com O1 - Hosts: 123.251.143.110 www.asdf77asdfd.com O1 - Hosts: 123.251.143.110 www.asdf8asdfd.com O1 - Hosts: 123.251.143.110 www.asdf9asdfd.com O1 - Hosts: 123.251.143.110 www.asdf0asdfd.com O1 - Hosts: 123.251.143.110 www.asdf-asdfd.com O1 - Hosts: 123.251.143.110 www.aqqsdfasdfd.com O1 - Hosts: 123.251.143.110 www.aswwdfasdfd.com O1 - Hosts: 123.16.197.121 www.asdhhfasdfdyy.com O1 - Hosts: 61.157.217.210 www.live.com O1 - Hosts: 123.251.143.110 www.asdwwwfasdfd.com O1 - Hosts: 123.251.143.110 www.asdfeasdfd.com O1 - Hosts: 123.251.143.110 www.asdfrrasdfd.com O1 - Hosts: 123.251.143.110 www.asdfttasdfd.com O1 - Hosts: 123.251.143.110 www.asdfyyasdfd.com O1 - Hosts: 123.251.143.110 www.asdfuuuasdfd.com O1 - Hosts: 123.251.143.110 www.asdfaiisdfd.com O1 - Hosts: 123.251.143.110 www.asdfaoosdfd.com O1 - Hosts: 123.251.143.110 www.asdfappsdfd.com O1 - Hosts: 123.251.143.110 www.asdfasssdfd.com O1 - Hosts: 123.251.143.110 www.aswwdfasdfd.com O1 - Hosts: 123.251.143.110 www.asdeefasdfd.com O1 - Hosts: 123.251.143.110 www.asdfffasdfd.com O1 - Hosts: 123.251.143.110 www.asdfavvvsdfd.com O1 - Hosts: 123.251.143.110 www.asnnndfasdfd.com O1 - Hosts: 123.251.143.110 www.asdmmmfasdfd.com O1 - Hosts: 123.251.143.110 www.asdfaffsdfd.com O1 - Hosts: 123.251.143.110 www.asdhhfasdfd.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Arovax AntiSpyware] C:\Program Files (x86)\Arovax AntiSpyware\arovaxantispyware.exe /s O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - (no file) O13 - Gopher Prefix: O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13238 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.