Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Clicking links in search redirects

Started by VareSweet , Oct 09 2009 04:13 PM

  • Please log in to reply

#1
VareSweet
Posted 09 October 2009 - 04:13 PM

VareSweet

    New Member

  • Member
  • Pip
  • 1 posts
So as of late sometimes when I search something on Google and click a link in the results, I am redirected. Now I know that's a spyware/virus/whatever but not sure how to remove it. I've tried my best as far as I know how to and still nothing. I ran ComboFix to see if that helped and so far things seem fine but figured I'd post the log on here to see if anyone could look over it for me and let me know what else I should do.

COMBOFIX LOG

ComboFix 09-10-08.04 - NoteBook 10/09/2009 15:31.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.642 [GMT -5:00]
Running from: c:\documents and settings\NoteBook\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\Palace.reg
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
D:\Autorun.inf

Infected copy of c:\windows\system32\drivers\iaStor.sys was found and disinfected
Kitty ate it :)
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2009-09-09 to 2009-10-09 )))))))))))))))))))))))))))))))
.

2009-10-09 20:01 . 2009-10-09 20:01 -------- d-----w- c:\documents and settings\NoteBook\Application Data\Yahoo!
2009-10-09 20:01 . 2009-10-09 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-10-09 20:01 . 2009-10-09 20:01 -------- d-----w- c:\program files\CCleaner
2009-10-09 19:57 . 2009-10-09 19:57 -------- d-----w- C:\!KillBox
2009-10-09 19:54 . 2009-10-09 19:54 -------- d-----w- c:\documents and settings\NoteBook\Application Data\Malwarebytes
2009-10-09 19:54 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-09 19:54 . 2009-10-09 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-09 19:54 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-09 19:54 . 2009-10-09 19:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-09 05:37 . 2009-10-09 05:38 -------- d-----w- c:\program files\Windows Live Safety Center
2009-10-09 04:38 . 2009-10-09 05:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-10-08 02:45 . 2009-10-08 02:45 -------- d-----w- c:\windows\system32\wbem\Repository
2009-10-07 19:20 . 2009-10-07 19:20 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-10-07 08:07 . 2009-10-07 08:07 -------- d-----w- c:\documents and settings\LocalService\IETldCache
2009-10-07 01:33 . 2009-10-08 02:45 -------- d-----w- c:\documents and settings\NoteBook\Local Settings\Application Data\Google
2009-09-29 23:26 . 2009-09-29 23:26 -------- d-----w- c:\program files\Common Files\AOL
2009-09-26 22:33 . 2009-09-26 23:09 -------- d-----w- c:\documents and settings\NoteBook\Local Settings\Application Data\DFH
2009-09-21 08:00 . 2009-09-21 08:00 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-09-20 09:57 . 2009-08-07 00:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-09-20 09:57 . 2009-08-07 00:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-09-19 15:53 . 2009-10-09 19:03 -------- d-----w- c:\documents and settings\NoteBook\Tracing
2009-09-19 15:50 . 2009-09-19 15:50 -------- d-----w- c:\program files\Microsoft
2009-09-19 15:50 . 2009-09-19 15:50 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-19 15:50 . 2009-09-19 15:52 -------- d-----w- c:\program files\Windows Live
2009-09-19 15:47 . 2009-09-19 15:47 -------- d-----w- c:\program files\Common Files\Windows Live

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-09 20:14 . 2009-09-04 08:52 -------- d-----w- c:\documents and settings\NoteBook\Application Data\Skype
2009-10-09 20:01 . 2009-02-11 06:27 -------- d-----w- c:\program files\Yahoo!
2009-10-09 13:07 . 2009-09-04 08:53 -------- d-----w- c:\documents and settings\NoteBook\Application Data\skypePM
2009-09-29 23:28 . 2009-02-20 05:04 -------- d-----w- c:\program files\AIM6
2009-09-29 23:27 . 2009-02-20 05:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-09-29 23:25 . 2009-02-20 05:06 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2009-09-26 22:53 . 2009-08-16 20:59 -------- d-----w- c:\program files\SystemRequirementsLab
2009-09-26 21:44 . 2009-02-22 06:36 -------- d-----w- c:\documents and settings\NoteBook\Application Data\uTorrent
2009-09-19 15:53 . 2009-02-11 07:32 63928 ----a-w- c:\documents and settings\NoteBook\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-18 19:57 . 2009-03-04 23:14 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-08 18:58 . 2009-02-11 05:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-04 08:53 . 2009-09-04 08:53 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-04 08:52 . 2009-09-04 08:52 -------- d-----r- c:\program files\Skype
2009-09-04 08:52 . 2009-09-04 08:52 -------- d-----w- c:\program files\Common Files\Skype
2009-09-04 08:52 . 2009-09-04 08:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-09-03 23:07 . 2009-03-30 01:20 -------- d-----w- c:\documents and settings\NoteBook\Application Data\HP
2009-08-31 19:22 . 2009-02-11 06:32 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-29 19:48 . 2009-08-29 19:48 -------- d-----w- c:\program files\softendo.com
2009-08-29 19:14 . 2009-08-29 19:08 -------- d-----w- c:\program files\Darkest of Days
2009-08-29 19:09 . 2009-08-29 19:09 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-08-29 19:09 . 2009-08-29 19:09 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-08-29 19:09 . 2009-08-29 19:09 -------- d-----w- c:\program files\OpenAL
2009-08-24 21:48 . 2009-08-24 21:48 1925024 ----a-w- c:\documents and settings\NoteBook\install_flash_player.exe
2009-08-24 19:53 . 2009-08-24 19:53 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-08-24 19:53 . 2009-08-24 19:53 0 ----a-w- c:\windows\nsreg.dat
2009-08-24 19:53 . 2009-08-24 19:53 -------- d-----w- c:\documents and settings\NoteBook\Application Data\Thunderbird
2009-08-19 14:17 . 2009-02-11 08:44 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-19 14:17 . 2009-02-11 08:44 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-19 14:17 . 2009-02-11 08:44 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-15 08:05 . 2009-08-15 08:05 -------- d-----w- c:\program files\MSBuild
2009-08-15 08:04 . 2009-08-15 08:04 -------- d-----w- c:\program files\Reference Assemblies
2009-08-15 08:01 . 2009-08-15 08:01 -------- d-----w- c:\program files\MSXML 6.0
2009-08-12 08:42 . 2009-07-22 03:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Logishrd
2009-08-12 08:38 . 2009-07-22 03:51 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-08-12 08:38 . 2009-07-22 03:51 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-08-12 06:05 . 2009-08-12 06:03 -------- d-----w- c:\program files\QuickMediaConverter
2009-08-08 20:17 . 2009-08-08 20:09 103193 ----a-w- c:\windows\hpoins08.dat
2009-08-07 00:24 . 2004-08-05 04:00 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-07 00:24 . 2004-08-05 04:00 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-07 00:24 . 2008-10-16 20:09 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-07 00:24 . 2004-08-05 04:00 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-07 00:24 . 2004-08-05 04:00 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-07 00:24 . 2004-08-05 04:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-07 00:23 . 2004-08-05 04:00 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-07 00:23 . 2004-08-05 04:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-05 04:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-26 21:44 . 2009-07-26 21:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 19:01 . 2004-08-05 04:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 04:43 . 2004-08-05 04:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-07 08:11 . 2009-07-07 08:11 53248 --sha-w- c:\windows\system32\nilowuma.dll.tmp
2009-07-07 08:11 . 2009-07-07 08:11 53248 --sha-w- c:\windows\system32\rosekusi.dll.tmp
2009-07-07 08:11 . 2009-07-07 08:11 53248 --sha-w- c:\windows\system32\weganeja.dll.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-08-20 2000120]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-09-02 25623336]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-11 36975]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-12 102400]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-12 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-12 81920]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 163840]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2006-01-27 40960]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-08 2023704]
"Easy Dock"="c:\documents and settings\NoteBook\My Documents\RCA EasyRip\EZDock.exe" [2008-03-21 524288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-03-14 233472]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" - c:\windows\system32\CHDAudPropShortcut.exe [2006-06-23 61952]

c:\documents and settings\NoteBook\Start Menu\Programs\Startup\
RCA Detective.lnk - c:\documents and settings\NoteBook\My Documents\RCA Detective\RCADetective.exe [2009-2-22 1110016]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-19 14:17 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\nexon\Combat Arms\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Tencent\\QQ Games\\QQGames.exe"=
"c:\\Program Files\\Tencent\\QQ Games\\QQGamesD.exe"=
"c:\\Program Files\\Tencent\\QQ Games\\Update\\Update.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=
"c:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56350:TCP"= 56350:TCP:Pando Media Booster
"56350:UDP"= 56350:UDP:Pando Media Booster
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
"56661:TCP"= 56661:TCP:Pando Media Booster
"56661:UDP"= 56661:UDP:Pando Media Booster
"37675:TCP"= 37675:TCP:*:Disabled:ooVoo TCP port 37675
"37676:UDP"= 37676:UDP:*:Disabled:ooVoo UDP port 37676

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2/11/2009 3:44 AM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2/11/2009 3:44 AM 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/11/2009 3:44 AM 297752]
R2 ViCAM;ViCAM;c:\windows\system32\drivers\Vicam.sys [2/28/2009 8:05 AM 25984]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2/20/2009 12:06 AM 24652]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 VICAMUSB;3Com HomeConnect USB Camera;c:\windows\system32\drivers\VicamUsb.sys [2/28/2009 8:05 AM 38548]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-10-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2009-10-09 c:\windows\Tasks\User_Feed_Synchronization-{CCB35AE6-8745-49EF-A7DC-8336DFADF33B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 4.00\AMVConverter\grab.html
IE: Add to Media Manager... - c:\program files\MP3 Player Utilities 4.00\MediaManager\grab.html
IE: E&xport to Microsoft Excel
DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-09 15:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe?????? ???@???????????????@? ????O????????@???????@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3688)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgnsx.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Logitech\QuickCam\LU\LULnchr.exe
c:\program files\Logitech\QuickCam\LU\LogitechUpdate.exe
.
**************************************************************************
.
Completion time: 2009-10-09 15:42 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-09 20:42

Pre-Run: 32,880,205,824 bytes free
Post-Run: 34,163,990,528 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

270
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP