lilhurricane · Crunchin' For Cures · Premium, Mod · join: 2003-01-11 · Purple Zone · kudos: 56
reply to brandieewine
Re: [Malware] Help Please.
Hi Brandie...
Can you run the ESET Online scan as found in our forum FAQ and post the results as well?
Please use the "post reply" vs. "new topic" button to ensure all logs and posts are within the same thread for easier analysis. Thanks.
-- ~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
2013-Jul-27 9:14 pm
Bit Defender

QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Sat Jul 27 21:13:03 2013
Machine ID: 28D77F24

No infection found.
-------------------

Processes
---------
(unsigned) MediaEspresso DeviceDetector 1576 C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(verified) Hotkey Utility 3052 C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(verified) Malwarebytes Anti-Malware 2616 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(verified) Malwarebytes Anti-Malware 1736 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(verified) Malwarebytes Anti-Malware 1784 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(verified) NeroUpdate 3916 C:\Program Files (x86)\Nero\Update\NASvc.exe
(verified) Spybot - Search & Destroy 2024 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(verified) Symantec Security Technologies 2660 C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
(verified) Symantec Security Technologies 3156 C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
(verified) Symantec Shared Component 3508 C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\symerr.exe
(verified) TrueVector Service 1184 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(verified) Windows® Internet Explorer 964 C:\Program Files (x86)\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 3360 C:\Program Files (x86)\Internet Explorer\iexplore.exe
(verified) ZAPrivacyService 1904 C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(verified) ZoneAlarm 960 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

Network activity
----------------
Process iexplore.exe (964) connected on port 80 (HTTP) --> 173.194.37.45
Process iexplore.exe (964) connected on port 80 (HTTP) --> 66.235.142.2
Process iexplore.exe (964) connected on port 80 (HTTP) --> 66.235.142.2
Process ccSvcHst.exe (3156) listens on ports: 49232

Autoruns and critical files
---------------------------
(verified) Catalyst® Control Center C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
(verified) Microsoft® Windows® Operating System C:\Windows\system32\userinit.exe
(verified) Norton Online Backup C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(verified) Realtek HD Audio Manager C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(verified) ZoneAlarm C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

Browser plugins
---------------
(verified) Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
(verified) Norton Confidential c:\program files (x86)\norton internet security\engine\20.0.0.136\coieplg.dll
(verified) NP_wtapp.dll C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
(verified) SDHelper.dll C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
(verified) Symantec Intrusion Detection c:\program files (x86)\norton internet security\engine\20.0.0.136\ips\ipsbho.dll
(verified) Windows® Internet Explorer c:\windows\syswow64\ieframe.dll
(verified) Zonealarm Toolbar c:\program files (x86)\check point software technologies ltd\zonealarm\1.8.21.15\bh\zonealarm.dll
(verified) Zonealarm Toolbar c:\program files (x86)\check point software technologies ltd\zonealarm\1.8.21.15\zonealarmtlbr.dll
Scan
----
No file uploaded.
Scan finished - communication took 1 sec
Total traffic - 0.00 MB sent, 0.04 KB recvd
Scanned 683 files and modules - 6 seconds
==============================================================================
The ESET ran for almost two hours and then wouldn't allow me to obtain a log file. I tried everything; it wouldn't work.
2013-Jul-27 9:19 pm