itsme

Posts posted by itsme

  1. Malwarebytes' Anti-Malware 1.51.2.1300

    www.malwarebytes.org

    Database version: 7823

    Windows 5.1.2600 Service Pack 3

    Internet Explorer 7.0.5730.13

    10/2/2011 8:52:50 PM

    mbam-log-2011-10-02 (20-52-25).txt

    Scan type: Quick scan

    Objects scanned: 184792

    Time elapsed: 5 minute(s), 10 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 1

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 0

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> No action taken.

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    (No malicious items detected)

  2. ComboFix 11-10-02.01 - Douw 10/02/2011 18:39:39.3.2 - x86

    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.400 [GMT 2:00]

    Running from: c:\documents and settings\Douw\Desktop\ComboFix.exe

    AV: Eset NOD32 antivirus system 2.51 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

    AV: Symantec Endpoint Protection *Disabled/Outdated* {FB06448E-52B8-493A-90F3-E43226D3305C}

    .

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\documents and settings\Douw\Application Data\Smart Engine

    c:\documents and settings\Douw\Recent\ANTIGEN.sys

    c:\documents and settings\Douw\Recent\cb.drv

    c:\documents and settings\Douw\Recent\CLSV.sys

    c:\documents and settings\Douw\Recent\DBOLE.dll

    c:\documents and settings\Douw\Recent\DBOLE.drv

    c:\documents and settings\Douw\Recent\eb.sys

    c:\documents and settings\Douw\Recent\energy.dll

    c:\documents and settings\Douw\Recent\energy.drv

    c:\documents and settings\Douw\Recent\exec.exe

    c:\documents and settings\Douw\Recent\exec.sys

    c:\documents and settings\Douw\Recent\fan.dll

    c:\documents and settings\Douw\Recent\fan.drv

    c:\documents and settings\Douw\Recent\fix.exe

    c:\documents and settings\Douw\Recent\fix.sys

    c:\documents and settings\Douw\Recent\FS.dll

    c:\documents and settings\Douw\Recent\kernel32.dll

    c:\documents and settings\Douw\Recent\PE.dll

    c:\documents and settings\Douw\Start Menu\Programs\Smart Engine.lnk

    c:\documents and settings\Douw\Start Menu\Smart Engine.lnk

    c:\documents and settings\Douw\WINDOWS

    c:\program files\google\common\google updater\googleupdaterservice.exe

    C:\RECYCLER(2)

    c:\recycler(2)\S-1-5-21-2739312101-2801067174-1606002916-1005(2)\INFO2

    c:\windows\system32\comct332.ocx

    .

    .

    ((((((((((((((((((((((((( Files Created from 2011-09-02 to 2011-10-02 )))))))))))))))))))))))))))))))

    .

    .

    2011-10-02 14:03 . 2011-10-02 14:03 -------- d-----w- c:\windows\system32\wbem\Repository

    2011-10-02 14:03 . 2011-10-02 14:03 -------- d-----w- c:\documents and settings\Douw\Local Settings\Application Data\ApplicationHistory

    2011-10-02 14:03 . 2011-10-02 14:03 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory

    2011-09-29 06:06 . 2011-09-29 06:06 -------- d-----w- c:\documents and settings\Douw\Application Data\Malwarebytes

    2011-09-29 06:06 . 2011-09-29 06:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

    2011-09-29 06:06 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

    2011-09-29 06:06 . 2011-09-29 06:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2011-09-28 19:28 . 2011-09-28 19:28 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

    2011-09-28 18:45 . 2011-09-28 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

    2011-09-12 12:23 . 2011-09-12 12:23 1409 ----a-w- c:\windows\QTFont.for

    .

    .

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

    "Djuqasaxogapog"="c:\windows\dkbdfg.dll" [bU]

    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Apoint"="c:\program files\Apoint\Apoint.exe" [2005-10-07 176128]

    "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]

    "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]

    "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]

    "Document Manager"="c:\program files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe" [2006-05-16 102400]

    "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-06-29 1032192]

    "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]

    "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]

    "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-07-31 282624]

    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2009-03-16 115560]

    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]

    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

    "VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" [2008-03-26 135168]

    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

    .

    c:\documents and settings\All Users\Start Menu\Programs\Startup\

    Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-11-18 1724416]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gemsafe]

    2006-11-16 12:20 73728 ----a-w- c:\program files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

    @="Service"

    .

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

    backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

    .

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]

    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk

    backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

    .

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EMBASSY Trust Suite Secure Update.lnk]

    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\EMBASSY Trust Suite Secure Update.lnk

    backup=c:\windows\pss\EMBASSY Trust Suite Secure Update.lnkCommon Startup

    .

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NkbMonitor.exe.lnk]

    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk

    backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup

    .

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^STVSPCButton.lnk]

    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\STVSPCButton.lnk

    backup=c:\windows\pss\STVSPCButton.lnkCommon Startup

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]

    2005-10-27 10:00 299008 ------w- c:\program files\Creative\Shared Files\CamTray.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]

    2006-08-28 21:57 395776 ----a-w- c:\progra~1\DELLSU~1\DSAgnt.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]

    2005-09-08 05:20 122940 ----a-w- c:\windows\system32\DLA\DLACTRLW.EXE

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]

    2005-12-09 20:29 49152 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

    2004-07-27 16:50 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

    2004-07-27 16:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

    2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

    2008-07-09 13:39 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]

    2003-05-08 10:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    2007-07-31 08:16 282624 ----a-w- c:\program files\QuickTime\qttask.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegTool]

    2007-11-08 12:36 172032 ----a-w- c:\program files\Gemplus\GemSafe Libraries\BIN\RegTool.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]

    2006-03-24 16:30 282624 ----a-w- c:\windows\stsystra.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

    2009-10-09 11:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Engine]

    c:\documents and settings\All Users\Application Data\6defd5\SM6de_231.exe [bU]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

    2008-06-18 15:15 393216 ------w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]

    2006-10-25 14:11 544768 ----a-w- c:\program files\Sprite Software\Sprite Backup\SpriteService.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

    2005-11-10 13:03 36975 ----a-w- c:\program files\Java\jre1.5.0_06\bin\jusched.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

    "DisableMonitoring"=dword:00000001

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

    "EnableFirewall"= 0 (0x0)

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

    "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

    "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

    "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

    "c:\\Program Files\\Sprite Software\\Sprite Backup\\SpriteService.exe"=

    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

    "c:\\Program Files\\VMware\\VMware View\\Client\\bin\\vmware-remotemks.exe"=

    "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"=

    "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"=

    "c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=

    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    .

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    .

    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9/29/2011 8:06 AM 366152]

    R2 wsnm;VMware View Client Service;c:\program files\VMware\VMware View\Client\bin\wsnm.exe [11/18/2009 11:18 AM 151552]

    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [7/28/2011 10:00 AM 105592]

    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/29/2011 8:06 AM 22216]

    S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]

    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/17/2011 2:19 PM 136176]

    S3 GemSealP;GemSealP;c:\windows\system32\drivers\GemSealP.sys [2/14/2007 3:01 PM 71936]

    S3 GTKCMOS;GTKCMOS;c:\windows\system32\GTKCMOS.sys [6/15/2004 4:55 PM 7882]

    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/17/2011 2:19 PM 136176]

    S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem;c:\windows\system32\drivers\ewusbmdm.sys [9/2/2010 11:51 AM 102400]

    S3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface;c:\windows\system32\drivers\ewusbapp.sys [2/14/2007 9:33 AM 65152]

    S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface;c:\windows\system32\drivers\ewusbser.sys [2/14/2007 9:33 AM 65152]

    S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

    S3 phaudlwr;Philips Audio Filter;c:\windows\system32\drivers\phaudlwr.sys [1/30/2010 1:02 PM 88704]

    S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [4/20/2009 3:46 PM 86696]

    S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [4/20/2009 3:46 PM 15016]

    S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [4/20/2009 3:46 PM 114472]

    S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [4/20/2009 3:46 PM 108200]

    S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [4/20/2009 3:46 PM 26024]

    S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [4/20/2009 3:46 PM 104616]

    S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [4/20/2009 3:46 PM 109736]

    S3 SPC630;Philips SPC630NC PC Camera;c:\windows\system32\drivers\SPC630.sys [1/30/2010 1:02 PM 489472]

    S3 SPC630m;Philips SPC630NC PC Cameram;c:\windows\system32\drivers\SPC630m.sys [1/30/2010 1:02 PM 7680]

    S3 V0330VID;WebCam Vista;c:\windows\system32\drivers\V0330Vid.sys [12/5/2007 11:41 AM 173632]

    S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [6/30/2011 6:01 PM 250752]

    S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [6/30/2011 6:01 PM 398720]

    .

    Contents of the 'Scheduled Tasks' folder

    .

    2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-17 12:19]

    .

    2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-17 12:19]

    .

    2011-10-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2739312101-2801067174-1606002916-1005Core.job

    - c:\documents and settings\Douw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-17 12:19]

    .

    2011-10-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2739312101-2801067174-1606002916-1005UA.job

    - c:\documents and settings\Douw\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-17 12:19]

    .

    .

    ------- Supplementary Scan -------

    .

    uStart Page = hxxp://www.google.co.za/

    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

    TCP: Interfaces\{8CCCDA7A-9C20-4FEF-B33B-71B13299BEC5}: NameServer = 196.25.255.3,196.25.255.34

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2011-10-02 19:09

    Windows 5.1.2600 Service Pack 3 NTFS

    .

    scanning hidden processes ...

    .

    scanning hidden autostart entries ...

    .

    scanning hidden files ...

    .

    scan completed successfully

    hidden files: 0

    .

    **************************************************************************

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    .

    - - - - - - - > 'explorer.exe'(1628)

    c:\windows\system32\WININET.dll

    c:\windows\system32\ieframe.dll

    c:\windows\system32\msi.dll

    c:\windows\system32\mshtml.dll

    c:\windows\IME\SPGRMR.DLL

    c:\program files\Common Files\Microsoft Shared\INK\SKCHUI.DLL

    c:\windows\system32\WPDShServiceObj.dll

    c:\windows\system32\PortableDeviceTypes.dll

    c:\windows\system32\PortableDeviceApi.dll

    .

    ------------------------ Other Running Processes ------------------------

    .

    c:\program files\Intel\Wireless\Bin\EvtEng.exe

    c:\program files\Intel\Wireless\Bin\S24EvMon.exe

    c:\program files\Intel\Wireless\Bin\WLKeeper.exe

    c:\program files\Symantec\Symantec Endpoint Protection\Smc.exe

    c:\program files\Common Files\Symantec Shared\ccSvcHst.exe

    c:\windows\System32\SCardSvr.exe

    c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

    c:\program files\Wave Systems Corp\Common\DataServer.exe

    c:\program files\Common Files\LightScribe\LSSrvc.exe

    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

    c:\program files\Dell\QuickSet\NICCONFIGSVC.exe

    c:\program files\Intel\Wireless\Bin\RegSrvc.exe

    c:\program files\Symantec\Symantec Endpoint Protection\Rtvscan.exe

    c:\program files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe

    c:\program files\Symantec\Symantec Endpoint Protection\SmcGui.exe

    c:\windows\system32\wscntfy.exe

    c:\windows\system32\igfxsrvc.exe

    c:\program files\Apoint\HidFind.exe

    c:\program files\Apoint\Apntex.exe

    c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe

    c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

    c:\progra~1\MI3AA1~1\rapimgr.exe

    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

    c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

    c:\program files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

    .

    **************************************************************************

    .

    Completion time: 2011-10-02 19:14:49 - machine was rebooted

    ComboFix-quarantined-files.txt 2011-10-02 17:14

    ComboFix2.txt 2011-09-29 08:03

    .

    Pre-Run: 29,122,502,656 bytes free

    Post-Run: 29,098,135,552 bytes free

    .

    - - End Of File - - 94CF84A5231FF6705C647DA21BE6825F
