Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 26

Thread: W3i.IQ5.fraud

  1. #11
    Junior Member
    Join Date
    Mar 2012
    Posts
    13

    Default

    Spy bot working again.

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by nacho at 23:08:31 on 2012-03-20
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.6090 [GMT -7:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
    C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\ytbb.exe
    c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
    mWinlogon: Userinit=userinit.exe
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
    mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    StartupFolder: C:\Users\nacho\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{62E2A00C-80CE-45F2-9B17-5D722D6CC3DD} : DhcpNameServer = 192.168.0.1
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
    BHO-X64: 0x1 - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
    BHO-X64: Symantec NCO BHO - No File
    BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL
    BHO-X64: Symantec Intrusion Prevention - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
    TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
    TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
    mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [(Default)]
    mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
    R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
    R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [?]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [?]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-3-20 1157240]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120320.002_83\IDSviA64.sys [2012-3-20 488568]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [?]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-17 652360]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccsvchst.exe [2012-1-31 130008]
    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
    R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-4-11 1119768]
    R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-6 138360]
    S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2010-8-6 21504]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-03-21 05:04:25 -------- d-----w- C:\ComboFix
    2012-03-19 19:33:00 -------- d-----w- C:\Users\nacho\AppData\Local\Diagnostics
    2012-03-18 00:53:52 -------- d-----w- C:\Users\nacho\AppData\Roaming\Malwarebytes
    2012-03-18 00:53:46 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-03-18 00:53:45 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-03-18 00:53:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-03-17 21:56:04 -------- d-----w- C:\Windows\SysWow64\N360_BACKUP
    2012-03-15 00:39:20 -------- d-----w- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
    2012-03-15 00:30:06 -------- d-----w- C:\Users\nacho\AppData\Local\Kobo
    2012-03-14 22:20:00 -------- d-----w- C:\Users\nacho\AppData\Roaming\SpeedMaxPc
    2012-03-14 22:20:00 -------- d-----w- C:\Users\nacho\AppData\Roaming\DriverCure
    2012-03-14 22:19:48 -------- d-----w- C:\ProgramData\SpeedMaxPc
    2012-03-14 22:19:48 -------- d-----w- C:\Program Files (x86)\SpeedMaxPc
    2012-03-14 22:19:48 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedMaxPc
    2012-03-13 20:36:22 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-03-13 20:36:21 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-03-13 20:36:20 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-03-13 18:50:17 3145728 ----a-w- C:\Windows\System32\win32k.sys
    2012-03-13 18:50:15 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2012-03-13 18:50:15 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2012-03-13 18:49:53 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-03-13 18:49:53 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-03-13 18:49:53 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-03-13 18:49:34 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-03-13 18:49:34 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-03-13 18:49:34 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-03-13 18:49:34 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-03-11 06:18:47 -------- d-----w- C:\Program Files (x86)\Misc. Support Library (Spybot - Search & Destroy)
    2012-03-11 06:18:46 -------- d-----w- C:\Program Files (x86)\SDHelper (Spybot - Search & Destroy)
    2012-03-11 06:18:43 -------- d-----w- C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
    2012-03-11 06:18:42 -------- d-----w- C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy)
    2012-03-11 06:14:47 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-03-11 06:14:46 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-03-05 22:17:01 -------- d-----w- C:\Program Files\iPod
    2012-03-05 22:17:00 -------- d-----w- C:\Program Files\iTunes
    2012-03-05 22:17:00 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-02-21 17:33:07 -------- d-----w- C:\Users\nacho\AppData\Local\NPE
    .
    ==================== Find3M ====================
    .
    2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
    2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
    2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
    .

  2. #12
    Junior Member
    Join Date
    Mar 2012
    Posts
    13

    Default

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/8/2011 8:22:17 PM
    System Uptime: 3/20/2012 10:34:16 PM (1 hours ago)
    .
    Motherboard: FOXCONN | | 2AB7
    Processor: AMD Athlon(tm) II 170u Processor | CPU 1 | 2000/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 454 GiB total, 378.295 GiB free.
    D: is FIXED (NTFS) - 11 GiB total, 1.405 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP42: 3/13/2012 1:30:54 PM - Windows Update
    RP43: 3/14/2012 5:31:06 PM - Device Driver Package Install: Kobo
    RP44: 3/14/2012 5:39:34 PM - Installed HP Support Assistant
    RP45: 3/14/2012 5:44:44 PM - Windows Modules Installer
    RP46: 3/14/2012 5:45:30 PM - Windows Modules Installer
    RP47: 3/20/2012 2:41:36 PM - Windows Update
    RP48: 3/20/2012 10:30:21 PM - Restore Operation
    RP49: 3/20/2012 10:44:35 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Apple Application Support
    Apple Software Update
    Blio
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Compaq Setup Manager
    CyberLink DVD Suite Deluxe
    D3DX10
    DJ_AIO_05_F4400_Software_Min
    DVD Shrink 3.2
    ERUNT 1.1j
    Hewlett-Packard ACLM.NET v1.1.2.0
    HP Customer Experience Enhancements
    HP MovieStore
    HP Odometer
    HP Setup
    HP Support Assistant
    HP Support Information
    HP Update
    Junk Mail filter update
    Kobo
    LabelPrint
    LightScribe System Software
    Malwarebytes Anti-Malware version 1.60.1.1000
    Microsoft Office 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Starter 2010 - English
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft WSE 3.0 Runtime
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Norton 360
    Norton Online Backup
    PDF Complete Special Edition
    PhotoNow!
    PlayReady PC Runtime x86
    Power2Go
    PowerDirector
    PressReader
    QuickTime
    Realtek High Definition Audio Driver
    Recovery Manager
    RoxioNow Player
    Scan
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.4
    Toolbox
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Yahoo! Install Manager
    Yahoo! Software Update
    Yahoo! Toolbar
    Zinio Reader 4
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/20/2012 10:35:37 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
    3/20/2012 10:34:53 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
    3/20/2012 10:21:36 PM, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: A device attached to the system is not functioning.
    3/20/2012 10:18:44 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
    3/20/2012 10:17:20 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    3/20/2012 10:15:38 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    3/19/2012 2:14:37 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.
    3/17/2012 6:37:25 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user nacho-HP\nacho SID (S-1-5-21-2204247192-763932463-2249620297-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    3/15/2012 9:55:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    .
    ==== End Of File ===========================

  3. #13
    Security Expert Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,497

    Default

    Spy bot working again.
    Was it able to remove its findings? If so reboot and see if those items are still found.
    Microsoft MVP Consumer Security 2008-2014
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  4. #14
    Junior Member
    Join Date
    Mar 2012
    Posts
    13

    Default

    Still there.

  5. #15
    Security Expert Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,497

    Default

    Hi,

    Let's make sure you have latest version of Spybot installed. Uninstall your current one and then download fresh one here.
    Microsoft MVP Consumer Security 2008-2014
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  6. #16
    Junior Member
    Join Date
    Mar 2012
    Posts
    13

    Default

    It worked. It fixed the problem. But when i tried to uninstall set-up spybot it didn't allow me to because i'm not the administrator.

  7. #17
    Security Expert Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,497

    Default

    when i tried to uninstall set-up spybot it didn't allow me to because i'm not the administrator.
    Does your user account have administrator privileges?
    Microsoft MVP Consumer Security 2008-2014
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  8. #18
    Junior Member
    Join Date
    Mar 2012
    Posts
    13

    Default

    I'm the only user and it says administrator under my avatar. Plus i have the password for it too.

  9. #19
    Security Expert Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,497

    Default

    Hi,

    See if installing new version will remove older one. If it still fails try with Revo Uninstaller.
    Microsoft MVP Consumer Security 2008-2014
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  10. #20
    Junior Member
    Join Date
    Mar 2012
    Posts
    13

    Default

    It was removed.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •