sapwiz

Hi there, I followed your instructions on some other posts on using the ComboFix but now I'm not sure if I'm good to go or not...

=============================================================================================================================================================================
ComboFix 12-12-04.01 - sapwiz 05/12/12 21:58:47.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1255.972.1033.18.2038.1451 [GMT 2:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\user\WINDOWS
c:\windows\msmqinst.log
c:\windows\system32\MUI\040D\tourstart.exe
c:\windows\system32\SET108.tmp
c:\windows\system32\zip32.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FAD
.
.
((((((((((((((((((((((((( Files Created from 2012-11-05 to 2012-12-05 )))))))))))))))))))))))))))))))
.
.
2012-12-03 04:28 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-03 04:28 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-03 04:28 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-03 04:28 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-12-03 04:28 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-03 04:28 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-12-03 04:28 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-12-03 04:28 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-12-03 04:28 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-03 04:28 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-03 04:27 . 2012-12-03 04:27 -------- d-----w- c:\program files\AVAST Software
2012-12-03 04:27 . 2012-12-03 04:27 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-12-02 19:21 . 2012-12-02 19:22 -------- d-----w- c:\documents and settings\Administrator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-12 21:27 . 2012-04-01 17:47 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-12 21:27 . 2011-05-25 16:47 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-08 18:11 . 2010-07-19 19:47 52648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2012-11-08 18:11 . 2010-07-19 19:47 83912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-11-08 18:11 . 2010-07-19 19:47 31144 ----a-w- c:\windows\system32\LMIport.dll
2012-11-08 18:11 . 2010-07-19 19:47 92072 ----a-w- c:\windows\system32\LMIinit.dll
2012-10-22 08:37 . 2008-04-14 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04 . 2008-04-14 12:00 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-24 13:32 . 2012-06-15 15:58 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 13:32 . 2010-09-11 09:52 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-24 11:51 . 2012-06-15 15:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-05-12 13:42 . 2012-10-26 21:44 124344 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2010-05-12 14:22 . 2012-10-26 21:44 13240 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2010-05-12 13:43 . 2012-10-26 21:44 70592 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2010-05-12 13:42 . 2012-10-26 21:44 91576 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2010-05-12 13:42 . 2012-10-26 21:44 22464 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2010-05-12 13:41 . 2012-10-26 21:44 255416 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2010-05-12 13:42 . 2012-10-26 21:44 31160 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2010-05-12 13:42 . 2012-10-26 21:44 40384 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2010-04-14 10:55 . 2012-10-26 21:44 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2010-05-12 13:43 . 2012-10-26 21:44 24000 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-10-26 21:44 . 2012-10-26 21:44 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDProtect Monitor"="c:\program files\Athena\IDProtect Client\Utils\IDProtect Monitor.exe" [2010-01-17 323664]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 137752]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"Daemon for Mouse Suite"="c:\program files\Lenovo\Lenovo Mouse Suite\ICO.EXE" [2010-07-27 69632]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2010-01-27 63048]
"Genie TimeLine Tray"="c:\program files\Genie-Soft\Genie Timeline\GSTimeLineAgent.exe" [2011-01-11 1051264]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-11-08 18:11 92072 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\eMule\\eMule.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Soluto\\SolutoCleanup.exe"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"59000:TCP"= 59000:TCP:emule tcp
"59500:UDP"= 59500:UDP:empule upd
.
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [04/03/11 11:39 AM 51144]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [03/12/12 6:28 AM 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [03/12/12 6:28 AM 361032]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [16/04/10 3:22 PM 65584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [03/12/12 6:28 AM 21256]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [07/02/12 4:47 PM 374704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [27/01/10 11:22 AM 12856]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [02/08/11 8:08 PM 11520]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [06/09/12 10:48 AM 604688]
S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [23/10/12 12:19 AM 77624]
S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [23/10/10 9:01 PM 87424]
S3 GenieTimelineService;Genie Timeline Service;c:\program files\Genie-Soft\Genie Timeline\GenieTimelineService.exe [11/01/11 5:25 PM 362624]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [11/06/11 1:08 PM 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22/06/10 6:01 PM 21248]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys --> c:\windows\system32\DRIVERS\ivusb.sys [?]
S3 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [15/09/11 12:06 PM 88576]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [23/10/12 12:19 AM 181432]
S3 wimmount;wimmount;c:\windows\system32\drivers\wimmount.sys [15/06/10 11:52 AM 19024]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 21:27]
.
2012-12-05 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-12-03 22:50]
.
2012-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-04 09:45]
.
2012-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-04 09:45]
.
2012-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-573735546-1177238915-1003Core.job
- c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-16 17:06]
.
2012-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-573735546-1177238915-1003UA.job
- c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-03-16 17:06]
.
2012-11-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:54]
.
2012-12-05 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:54]
.
.
------- Supplementary Scan -------
.
uStart Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=llya694le36z&scc=1&ltmpl=default&ltmplcache=2&from=login
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mof.gov.il\wa
TCP: DhcpNameServer = 192.168.2.1
DPF: {87FA0696-C219-429B-AF1D-EE0A7FF3E18B} - hxxps://hb2.bankleumi.co.il/las163bfeb7d306c40a845d1a835072d1b6128e0934/las0/HomeBank/Operations/Masav.CAB
DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} - hxxp://192.168.2.222/WebClient.cab
DPF: {BC4CF6B5-8DE7-4F51-A369-364629A6C2B7} - hxxps://hb2.bankleumi.co.il/eas/activex/BankDOKOp.cab
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\6cz35eb1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.globes.co.il/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - ExtSQL: 2012-10-19 16:08; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: 2012-12-03 06:28; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2010-07-24 23:24; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
------- File Associations -------
.
.scr=Icad.load.scr
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-ZortamMp3MediaStudio - c:\program files\Zortam Mp3 Media Studio\zmmspro.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-05 22:08
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\LMIinit.dll
.
- - - - - - - > 'explorer.exe'(3716)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-12-05 22:17:45 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-05 20:17
.
Pre-Run: 40,225,918,976 bytes free
Post-Run: 41,662,914,560 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 1BAAF038255B7713D2727CEF01F92FD1
========================================================================================================================================================================