christad83

  2. Hi ya people, ok well I have a Trojan.TDSS, Trojan FakeAlert, Trojan.DNSChanger, Trojan Agent. My MWB report says:

     Malwarebytes' Anti-Malware 1.31
     Database version: 1550
     Windows 5.1.2600 Service Pack 2

     27/12/2008 21:44:15
     mbam-log-2008-12-27 (21-44-12).txt

     Scan type: Quick Scan
     Objects scanned: 51045
     Time elapsed: 4 minute(s), 43 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 1
     Registry Keys Infected: 1
     Registry Values Infected: 0
     Registry Data Items Infected: 1
     Folders Infected: 1
     Files Infected: 6

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Spyware.Passwords) -> No action taken.

     Registry Keys Infected:
     HKEY_CLASSES_ROOT\videosoft (Trojan.DNSChanger) -> No action taken.

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

     Folders Infected:
     C:\resycled (Trojan.DNSChanger) -> No action taken.

     Files Infected:
     C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Spyware.Passwords) -> No action taken.
     C:\WINDOWS\system32\msqpdxkrqhrroy.dll (Trojan.TDSS) -> No action taken.
     C:\Documents and Settings\Christa\Local Settings\Temp\tmp59.tmp (Trojan.FakeAlert) -> No action taken.
     C:\resycled\boot.com (Trojan.DNSChanger) -> No action taken.
     C:\WINDOWS\system32\drivers\msqpdxwiduynpq.sys (Trojan.Agent) -> No action taken.
     C:\WINDOWS\Temp\tempo-1E3.tmp (Trojan.DNSChanger) -> No action taken.

     I downloaded the GMER that is listed in the other post; it found the HIDDEN msqpdxwiduynpq.sys and I deactivated the file and deleted it, then had to restart. It is stopping me from loading any Adobe software. I did initially WIPE the comp, and not totally, due to the C: drive partition not clearing ALL data, e.g. normally I would have to install any software like Firefox but it would already be on the system. It is really annoying me now lol. I have wiped the computer 5 times in 2 weeks!! Hopefully someone out there can help me :0(