Results 1 to 3 of 3

Thread: can't download spybot or any spyware program

  1. #1
    Junior Member
    Join Date
    Jul 2010
    Location
    Chihuahua, Mexico
    Posts
    2

    Default can't download spybot or any spyware program

    Hi,

    I think I got infected seriously; I can install neither spybot nor Malwarebytes.

    Here’s my Hyjackthis log for your review.


    I really appreciate if anyone could help,

    regards

    Loroguasteco





    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 7:38:30 AM, on 7/5/2010

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Boot mode: Normal



    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.exe

    C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

    C:\WINDOWS\eHome\ehRecvr.exe

    C:\WINDOWS\eHome\ehSched.exe

    C:\Program Files\ESET\ESET Smart Security\ekrn.exe

    C:\WINDOWS\system32\csrcs.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\ESET\ESET Smart Security\egui.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Canon\CAL\CALMAIN.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Zinio\ZinioReader.exe

    C:\Program Files\AWS\WeatherBug Alert\WeatherBugAlert.exe

    C:\WINDOWS\system32\dllhost.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\WINDOWS\system32\msiexec.exe

    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

    C:\WINDOWS\system32\cmd.exe

    C:\WINDOWS\system32\net.exe



    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

    O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\RunServices: [csrcs] C:\WINDOWS\system32\csrcs.exe

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZinioReader.exe /autostart

    O4 - HKCU\..\Run: [WeatherBugAlert] "C:\Program Files\AWS\WeatherBug Alert\WeatherBugAlert.exe" /st

    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

    O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll

    O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)

    O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O16 - DPF: {00130000-B1BA-11CE-ABC6-F5B2E79D9E3F} (LEAD Main Control (13.0)) - http://aceonline.asicentral.com/ace/ltocx13n.cab

    O16 - DPF: {BADA82CB-BF48-4D76-9611-78E2C6F49F03} - http://95.211.26.163/root/Bol.CAB

    O17 - HKLM\System\CCS\Services\Tcpip\..\{0FA31105-07F7-4177-ADD5-2B743A6EE662}: NameServer = 93.188.164.220,93.188.161.90

    O17 - HKLM\System\CCS\Services\Tcpip\..\{887D22A4-BB23-4D9D-81E9-6694C5BE1DFF}: NameServer = 93.188.164.220,93.188.161.90

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.164.220,93.188.161.90

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.164.220,93.188.161.90

    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe

    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe

    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe



    --

    End of file - 7362 bytes

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello loroguasteco,

    The log is double spaced which can make it difficult for helpers to read.

    We ask for a DDS log now, please see the forum FAQ: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

    Post #2 in that topic shows how to produce that log.

    Are you able to do this on the computer in question? If so please start a new topic and copy paste the DDS log into it.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello loroguasteco,

    I split off the log to a new topic: http://forums.spybot.info/showthread.php?t=58409 and will close this one.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •