Welcome to Tech Support Forum, home to more than 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming.

Getting your problem solved is as easy as:

1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:

* See fewer ads.
* And much more..
Virus/Trojan/Spyware Help: Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help.
Registered User
Join Date: Oct 2009
Posts: 2
OS: Vista
Some Sort of Spyware.
My computer has been very very sluggish of late. When I ran a scan with AVG it showed 34 spyware problems, amongst which were important Windows files (e.g. wininit.exe, services.exe). However, this particular item was repeated several times: \\?\globalroot\Device\_max++>\7F78B1C45x86.dll.

I have tried to install several anti-spyware programs (SUPERAntiSpyware, Malwarebytes, Spyware Doctor, Ad-Aware ... and a few others). All became unresponsive shortly after installation and would not subsequently reopen. I have done the scan (GMER) as is recommended by one of the "stickies". The results of which are attached as .txt and replicated below. The "\\?\globalroot\Device\_max++>\7F78B1C45x86.dll" was highlighted red in the scan results. Appreciate the assistance.

```
GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-10-20 20:35:09
Windows 6.0.6000
Running: gmer.exe; Driver: C:\Users\Krishna\AppData\Local\Temp\fxriafoc.sys

---- System - GMER 1.0.15 ----

INT 0x62 ? 82FA2BF8
INT 0x72 ? 82FA2BF8
INT 0x82 ? 82FA2BF8
INT 0x92 ? 82FA2BF8
INT 0xA2 ? 82D2EBF8
INT 0xB2 ? 82D2EBF8
INT 0xB2 ? 82D2EBF8
INT 0xB2 ? 82D2EBF8

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 82D331F8
Device \Driver\netbt \Device\NetBT_Tcpip_{B14C4589-913B-4CE6-A24F-567EB4BD05EF} 832DF4A8
Device \Driver\sptd \Device\1195568311 spfp.sys
Device \Driver\volmgr \Device\VolMgrControl 82D301F8
Device \Driver\usbuhci \Device\USBPDO-0 82EDE1F8
Device \Driver\usbuhci \Device\USBPDO-1 82EDE1F8
Device \Driver\usbuhci \Device\USBPDO-2 82EDE1F8
Device \Driver\usbuhci \Device\USBPDO-3 82EDE1F8
Device \Driver\usbehci \Device\USBPDO-4 82EE9500
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\volmgr \Device\HarddiskVolume1 82D301F8
Device \Driver\cdrom \Device\CdRom0 82EFD500
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 82D321F8
Device \Driver\atapi \Device\Ide\IdePort0 82D321F8
Device \Driver\atapi \Device\Ide\IdePort1 82D321F8
Device \Driver\atapi \Device\Ide\IdePort2 82D321F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 82D321F8
Device \Driver\PCI_PNP2295 \Device\0000003d spfp.sys
Device \Driver\netbt \Device\NetBt_Wins_Export 832DF4A8
Device \Driver\Smb \Device\NetbiosSmb 832D83B0
Device \Driver\iScsiPrt \Device\RaidPort0 82F204C0
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\usbuhci \Device\USBFDO-0 82EDE1F8
Device \Driver\usbuhci \Device\USBFDO-1 82EDE1F8
Device \Driver\usbuhci \Device\USBFDO-2 82EDE1F8
Device \Driver\usbuhci \Device\USBFDO-3 82EDE1F8
Device \Driver\usbehci \Device\USBFDO-4 82EE9500
Device \Driver\ar3f7wt5 \Device\Scsi\ar3f7wt51 82F151F8
Device \FileSystem\cdfs \Cdfs A0F4F290

---- Processes - GMER 1.0.15 ----

Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [352] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\wininit.exe [440] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\services.exe [520] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [848] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\System32\svchost.exe [924] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\System32\svchost.exe [960] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [980] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\PROGRA~1\AVG\AVG8\avgnsx.exe [1060] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [1164] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [1248] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [1532] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Windows\system32\dlbccoms.exe [1928] 0x35670000
Library \\?\globalroot\Device\__max++>\56852380.x86.dll (*** hidden *** ) @ C:\Program Files\Mozilla Firefox\firefox.exe [3976] 0x35670000

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x8E 0xFB 0x05 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3E 0xA1 0x03 0xA7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x83 0xF3 0xE9 0xDF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF0 0x8E 0xFB 0x05 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3E 0xA1 0x03 0xA7 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x83 0xF3 0xE9 0xDF ...
```