BleepingComputer.com: Malwarebytes detected Trojan.Tracur.Gen plus others

Malwarebytes detected Trojan.Tracur.Gen plus others

#1 User is offline   gamma2 

  • New Member
  • Group: Members
  • Posts: 2
  • Joined: 18-June 11

Posted 18 June 2011 - 01:44 PM

Malwarebytes detected trojan.tracur.gen, heuristics.reserved.word.exploit, trojan.agent.gen, and trojan.bho; they are sitting in quarantine. My browser is working; however, if I try to do a search in either Yahoo or Google, the search runs, but any site you click on is then redirected. I can get to sites by typing the http: in, though.

I copied the DDS.txt and attached the file. I tried to do the gmer, but I get nothing in the scan. The only boxes it will let me check are services, registry, files, c:\ and ads, the rest of the boxes I can't check, they are there, but the box has a light blue coloring and I can't click it to check them. Any help would be greatly appreciated.

.
DDS (Ver_2011-06-12.02) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Regine at 13:15:41 on 2011-06-18
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1913.810 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\webclnt32.exe
C:\ProgramData\icsigd32.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil10r_ActiveX.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig?brand=TSNA&bmod=TSNA
ustart page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = about:blank
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: 4aa59678: {266360b9-2d68-7cab-1942-37bdeb51bb5a} - C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: 4aa59678: {8a4286f0-ff6d-7744-0e26-f535977d5811} - C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: 4aa59678: {c18b0f86-7e51-fb10-8578-983d6df1d8b9} - C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: 4aa59678: {e1a4c7ce-3c1e-ee52-f405-5891ee9a78a8} - C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - C:\Users\Regine\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/zuma/default/popcaploader_v6.cab
TCP: DhcpNameServer = 64.233.217.3 64.233.217.5
TCP: Interfaces\{03D49E4C-A03C-4E26-9E3C-9E65E164EEA2} : DhcpNameServer = 64.233.217.3 64.233.217.5
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
AppInit_DLLs: C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: 4aa59678: {266360B9-2D68-7CAB-1942-37BDEB51BB5A} - C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: 4aa59678: {8A4286F0-FF6D-7744-0E26-F535977D5811} - C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: 4aa59678: {C18B0F86-7E51-FB10-8578-983D6DF1D8B9} - C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: 4aa59678: {E1A4C7CE-3C1E-EE52-F405-5891EE9A78A8} - C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun-x64: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
AppInit_DLLs-X64: C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Regine\AppData\Roaming\Mozilla\Firefox\Profiles\jcjfseqy.default\
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 IPBusEnum32;PnP-X IP Bus Enumerator ;C:\Windows\System32\WebClnt32.exe [2011-6-18 785920]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-6-18 366640]
R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\windows\system32\DRIVERS\RTL8187B.sys --> C:\windows\system32\DRIVERS\RTL8187B.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2010-5-12 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-8-3 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-06-18 16:42:15 189520 ----a-w- C:\windows\SysWow64\drivers\tmcomm.sys
2011-06-18 16:14:31 168960 ------w- C:\ProgramData\api-ms-win-core-misc-l1-1-032.dll
2011-06-18 15:17:27 -------- d-----w- C:\Users\Regine\AppData\Roaming\Malwarebytes
2011-06-18 15:17:19 39984 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-18 15:17:19 -------- d-----w- C:\ProgramData\Malwarebytes
2011-06-18 15:17:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-18 12:48:01 785920 ----a-w- C:\ProgramData\icsigd32.exe
2011-06-18 12:47:58 785920 ----a-w- C:\windows\SysWow64\WebClnt32.exe
2011-06-15 20:39:56 981504 ----a-w- C:\windows\SysWow64\wininet.dll
2011-06-15 03:20:28 365824 ----a-w- C:\windows\SysWow64\VSPRINT7.OCX
2011-06-15 03:20:28 231139 ----a-w- C:\windows\SysWow64\BtnPlus1.ocx
2011-06-15 03:20:28 209608 ----a-w- C:\windows\SysWow64\TABCTL32.OCX
2011-06-15 03:20:28 203976 ----a-w- C:\windows\SysWow64\RICHTX32.OCX
2011-06-15 03:20:28 173312 ----a-w- C:\windows\SysWow64\VSPDF.OCX
2011-06-15 03:20:28 140288 ----a-w- C:\windows\SysWow64\COMDLG32.OCX
2011-06-15 03:20:27 -------- d-----w- C:\Program Files (x86)\Marginsoft
2011-06-02 15:38:31 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-25 17:40:39 -------- d-----w- C:\ProgramData\Norton
2011-05-25 13:33:48 27008 ----a-w- C:\windows\System32\drivers\Diskdump.sys
2011-05-24 06:10:29 142336 ----a-w- C:\windows\System32\poqexec.exe
2011-05-24 06:10:29 123904 ----a-w- C:\windows\SysWow64\poqexec.exe
.
==================== Find3M ====================
.
2011-05-29 13:11:20 25912 ----a-w- C:\windows\System32\drivers\mbam.sys
2011-05-28 03:25:16 1638912 ----a-w- C:\windows\System32\mshtml.tlb
2011-05-28 03:07:01 3133952 ----a-w- C:\windows\System32\win32k.sys
2011-05-28 03:00:02 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2011-05-04 02:51:08 287744 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys
2011-05-04 02:51:08 157696 ----a-w- C:\windows\System32\drivers\mrxsmb.sys
2011-05-04 02:51:05 126464 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys
2011-05-03 05:21:22 976896 ----a-w- C:\windows\System32\inetcomm.dll
2011-05-03 04:50:29 740864 ----a-w- C:\windows\SysWow64\inetcomm.dll
2011-04-29 03:13:10 461312 ----a-w- C:\windows\System32\drivers\srv.sys
2011-04-29 03:12:54 399872 ----a-w- C:\windows\System32\drivers\srv2.sys
2011-04-29 03:12:37 161792 ----a-w- C:\windows\System32\drivers\srvnet.sys
2011-04-27 02:57:40 102400 ----a-w- C:\windows\System32\drivers\dfsc.sys
2011-04-25 05:32:22 1896832 ----a-w- C:\windows\System32\drivers\tcpip.sys
2011-04-25 02:44:02 499712 ----a-w- C:\windows\System32\drivers\afd.sys
2011-04-22 20:18:28 1197056 ----a-w- C:\windows\System32\wininet.dll
2011-04-22 20:14:08 57856 ----a-w- C:\windows\System32\licmgr10.dll
2011-04-22 19:31:26 44544 ----a-w- C:\windows\SysWow64\licmgr10.dll
2011-04-22 18:49:57 482816 ----a-w- C:\windows\System32\html.iec
2011-04-22 18:23:59 386048 ----a-w- C:\windows\SysWow64\html.iec
2011-04-09 06:45:48 5509504 ----a-w- C:\windows\System32\ntoskrnl.exe
2011-04-09 06:13:06 3957632 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13:06 3901824 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2011-04-01 20:21:34 676224 ----a-w- C:\windows\System32\ogacheckcontrol.dll
2011-03-25 03:23:22 343040 ----a-w- C:\windows\System32\drivers\usbhub.sys
2011-03-25 03:23:03 98816 ----a-w- C:\windows\System32\drivers\usbccgp.sys
2011-03-25 03:23:03 324608 ----a-w- C:\windows\System32\drivers\usbport.sys
2011-03-25 03:22:57 52224 ----a-w- C:\windows\System32\drivers\usbehci.sys
2011-03-25 03:22:56 25600 ----a-w- C:\windows\System32\drivers\usbohci.sys
2011-03-25 03:22:55 30720 ----a-w- C:\windows\System32\drivers\usbuhci.sys
2011-03-25 03:22:51 7936 ----a-w- C:\windows\System32\drivers\usbd.sys
.
============= FINISH: 13:16:32.22 ===============

#2 User is offline   gamma2 

  • New Member
  • Group: Members
  • Posts: 2
  • Joined: 18-June 11

Posted 20 June 2011 - 11:31 AM

Can my post be closed, as I have found other means to resolve it? Thanks for your time; I know how busy you all are trying to fix everyone's problem.

#3 User is offline   SweetTech 

  • Agent ST
  • Group: Malware Response Team
  • Posts: 12,662
  • Joined: 15-March 09

Posted 20 June 2011 - 11:37 AM

Hi!

Yep, this thread can be closed. Thanks for posting back to let us know that the issue you were experiencing has been solved.

We greatly appreciate it!

Please take care!

This thread will now be closed.

Kindest Regards,
SweetTech.