Jump to content

Uchiha Itachi

Members
  • Posts

    8
  • Joined

  • Last visited

Reputation

0 Neutral

About Uchiha Itachi

  • Birthday 04/25/1994
  1. Man,Im stuck here...I can install mbam but I can't Open it...But when I open my Task Manager,I see the Mbam running...But I can't see it... I'm not Infected by any Virus or Malwares but why can't I open it?
  2. When I opened Windows Services I found this service named ipfw_helper..Well it doesn't starts up and I disabled it...Unknown File...I don't know what that is and i can download Malwarebytes' but I can't run or open it...When i click it to run..It doesn't shows up...But When i opened my task manager,The application is running...and sometimes not responding and the malwarebytes' windows doesn't show up....whats wrong?????
  3. I've successfully installed mbam...i've installed it but yesterday i can't download or install it,yesterdau everytime i download it,firefox freezes and then crashes... but now i've successfully installed it but i can't even open it..i ran task manager i see it that the malwarebytes' is running..but the window of malwarebytes isn't showed up...it only showed up once when i open it but it took a very long time...I've fixed 25 infected files but then i when i opened malwarebytes,it won't open ..but i see it running on proccesses of taskmanager...
  4. DDS (Ver_09-05-14.01) - NTFSx86 Run by user at 18:21:04.34 on Wed 05/27/2009 Internet Explorer: 6.0.2900.2180 ============== Pseudo HJT Report =============== uStart Page = hxxp://yahoo.com/ uSearch Bar = hxxp://www.yahoo.com/search/ie.html mStart Page = hxxp://www.yahoo.com/ mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File mRun: [cFosSpeed] c:\program files\cfosspeed\cFosSpeed.exe mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray dRunOnce: [RunNarrator] Narrator.exe uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1) IE: &Search IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab TCP: {47C38A36-B39F-432F-99B7-54E6BE7F7005} = 208.67.222.222,208.67.220.220 SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\3nu7gthi.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.ph/ ---- FIREFOX POLICIES ---- FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: network.http.max-persistent-connections-per-server - 4 ============= SERVICES / DRIVERS =============== ============== File Associations =============== JSEFile=NOTEPAD.EXE %1 VBEFile=NOTEPAD.EXE %1 VBSFile=NOTEPAD.EXE %1 =============== Created Last 30 ================ 2009-05-27 15:25 <DIR> --d----- c:\docume~1\user\applic~1\Malwarebytes 2009-05-27 15:25 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-27 15:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-05-27 15:25 19,096 a------- c:\windows\system32\drivers\mbam.sys 2009-05-27 15:25 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-05-27 14:46 <DIR> --d----- c:\program files\Trend Micro 2009-05-27 13:21 0 a------- c:\windows\control.ini 2009-05-25 13:58 <DIR> --d----- c:\program files\ESET 2009-05-24 10:07 787,672 a------- c:\windows\system32\drivers\cfosspeed.sys 2009-05-24 10:07 290,008 a------- c:\windows\system32\cfosspeed.dll 2009-05-24 10:07 <DIR> --d----- c:\program files\cFosSpeed 2009-05-22 17:30 112 a------- c:\windows\winzipme.ini 2009-05-22 17:28 <DIR> --d----- c:\program files\DSL Speed 2009-05-20 17:23 <DIR> --d----- c:\docume~1\user\applic~1\TuneUp Software 2009-05-20 17:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TuneUp Software 2009-05-20 17:20 <DIR> --dsh--- c:\docume~1\alluse~1\applic~1\{55A29068-F2CE-456C-9148-C869879E2357} 2009-05-18 15:18 <DIR> --dsh--- c:\documents and settings\user\IECompatCache 2009-05-18 14:51 <DIR> --dsh--- c:\documents and settings\user\PrivacIE 2009-05-18 14:42 <DIR> --dsh--- c:\documents and settings\user\IETldCache 2009-05-18 14:26 81,920 a------- c:\windows\system32\ieencode.dll 2009-05-18 14:26 81,920 a------- c:\windows\system32\dllcache\ieencode.dll 2009-05-18 10:47 <DIR> --d-hr-- C:\AHCache 2009-05-17 22:55 <DIR> --d----- c:\windows\system32\NtmsData 2009-05-15 20:16 664 a------- c:\windows\system32\d3d9caps.dat 2009-05-15 11:23 28,672 a------- c:\windows\system32\regclass.dll 2009-05-14 13:47 1,386,496 a------- c:\windows\system32\MSVBVM60.DLL 2009-05-13 20:33 <DIR> --d----- c:\program files\PhotoScape 2009-05-13 01:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8 2009-05-12 20:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Speedbit 2009-05-11 20:19 27 a------- c:\windows\system32\xvsset320.sys 2009-05-02 16:32 <DIR> --d----- c:\program files\ToniArts 2009-05-02 11:38 <DIR> --d----- c:\docume~1\user\applic~1\RetinaX 2009-05-02 10:52 620 a------- c:\windows\RegGenie.ini 2009-05-02 10:46 161,816 a------- c:\windows\RegGenieOnUninstall.exe 2009-05-01 20:17 <DIR> --d----- c:\program files\VS Revo Group ==================== Find3M ==================== 2009-05-14 17:11 36,224 a---h--- c:\windows\system32\mlfcache.dat 2009-04-22 13:51 4,096 a------- c:\windows\system32\drivers\nocashio.sys 2009-04-21 22:27 98 a---h--- C:\aaw7boot.cmd 2009-04-20 11:05 74,703 a------- c:\windows\system32\mfc45.dll 2009-04-19 12:43 724,992 a------- c:\windows\iun6002.exe 2009-04-05 12:10 410,984 a------- c:\windows\system32\deploytk.dll 2009-03-14 10:14 21,640 a------- c:\windows\system32\emptyregdb.dat 2009-03-06 07:44 283,648 a------- c:\windows\system32\pdh.dll ============= FINISH: 18:22:35.88 ===============
  5. I can't use msconfig..any ideas?that would be a great help:(( please...I've read some of these problems are caused by malware ... sad.gif Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:47:12 PM, on 5/27/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\cFosSpeed\cFosSpeed.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\cFosSpeed\spd.exe C:\Program Files\DSL Speed\DSL Speed V4.7\Dslx2.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file) O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - S-1-5-18 Startup: DSL Speed.lnk = C:\Program Files\DSL Speed\DSL Speed V4.7\Dslx2.exe (User 'SYSTEM') O4 - .DEFAULT Startup: DSL Speed.lnk = C:\Program Files\DSL Speed\DSL Speed V4.7\Dslx2.exe (User 'Default user') O4 - Startup: DSL Speed.lnk = C:\Program Files\DSL Speed\DSL Speed V4.7\Dslx2.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{47C38A36-B39F-432F-99B7-54E6BE7F7005}: NameServer = 208.67.222.222,208.67.220.220 O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: ipfw_helper (ipfw) - Unknown owner - C:\WINDOWS\system32\18076.exe (file missing) O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 3562 bytes I've Performed already a Full Scan I have A registered Malwarebytes and An Anti-Virus Called "ESET NOD32" Before i Deleted and quarantined the infections,these are the results I can't use msconfig..any ideas?that would be a great help:(( please...I've read some of these problems are caused by malware ... sad.gif Malwarebytes' Anti-Malware 1.37 Database version: 2183 Windows 5.1.2600 Service Pack 2 5/27/2009 4:29:20 PM mbam-log-2009-05-27 (16-29-05).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 94096 Time elapsed: 36 minute(s), 39 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 28 Registry Values Infected: 2 Registry Data Items Infected: 3 Folders Infected: 3 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{b6ae55bf-4617-93ef-6ea4-4e52199ca591} (Trojan.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> No action taken. Registry Data Items Infected: HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> No action taken. HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: c:\documents and settings\user\Application Data\FunWebProducts (Adware.MyWay) -> No action taken. c:\documents and settings\user\application data\funwebproducts\Data (Adware.MyWay) -> No action taken. c:\documents and settings\user\application data\funwebproducts\Data\user (Adware.MyWay) -> No action taken. Files Infected: c:\documents and settings\user\application data\funwebproducts\Data\user\avatar.dat (Adware.MyWay) -> No action taken. C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> No action taken. But now these files are cleaned...And I'm protected With Malwarebytes Protection But still i CAn't open msconfig..and i cant find msconfig's registry it may have been deleted,.Can u help me please?
  6. Yeah i set it cause many said that speeds up my internet I've downloaded malwarebytes...these are the results before i removed all of them... Malwarebytes' Anti-Malware 1.37 Database version: 2183 Windows 5.1.2600 Service Pack 2 5/27/2009 4:29:20 PM mbam-log-2009-05-27 (16-29-05).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 94096 Time elapsed: 36 minute(s), 39 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 28 Registry Values Infected: 2 Registry Data Items Infected: 3 Folders Infected: 3 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken. HKEY_CLASSES_ROOT\Typelib\{b6ae55bf-4617-93ef-6ea4-4e52199ca591} (Trojan.BHO) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> No action taken. Registry Data Items Infected: HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> No action taken. HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Folders Infected: c:\documents and settings\user\Application Data\FunWebProducts (Adware.MyWay) -> No action taken. c:\documents and settings\user\application data\funwebproducts\Data (Adware.MyWay) -> No action taken. c:\documents and settings\user\application data\funwebproducts\Data\user (Adware.MyWay) -> No action taken. Files Infected: c:\documents and settings\user\application data\funwebproducts\Data\user\avatar.dat (Adware.MyWay) -> No action taken. C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> No action taken.
  7. I can't use msconfig..any ideas?that would be a great help:(( please...I've read some of these problems are caused by malware ... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:47:12 PM, on 5/27/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\cFosSpeed\cFosSpeed.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\cFosSpeed\spd.exe C:\Program Files\DSL Speed\DSL Speed V4.7\Dslx2.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file) O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - S-1-5-18 Startup: DSL Speed.lnk = C:\Program Files\DSL Speed\DSL Speed V4.7\Dslx2.exe (User 'SYSTEM') O4 - .DEFAULT Startup: DSL Speed.lnk = C:\Program Files\DSL Speed\DSL Speed V4.7\Dslx2.exe (User 'Default user') O4 - Startup: DSL Speed.lnk = C:\Program Files\DSL Speed\DSL Speed V4.7\Dslx2.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{47C38A36-B39F-432F-99B7-54E6BE7F7005}: NameServer = 208.67.222.222,208.67.220.220 O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: ipfw_helper (ipfw) - Unknown owner - C:\WINDOWS\system32\18076.exe (file missing) O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 3562 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.