
Log File, What Will I Do Now?


  • This topic is locked
3 replies to this topic

#1 SeiCair


Posted 29 April 2008 - 07:28 AM

I encountered bar311.exe, dc8.exe, __.bat and __vbs when I scanned my computer. So after the combo fix what will I do now?

Here is the log file:

"reuben" - 2008-04-29 20:21:18 - ComboFix 07-07-04.4 - Service Pack 2
Command switches used :: C:\Documents and Settings\reuben\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe


((((((((((((((((((((((((( Files Created from 2008-03-28 to 2008-04-29 )))))))))))))))))))))))))))))))


2008-04-29 20:19 51,200 --a------ C:\WINDOWS\nircmd.exe
2008-04-29 19:43 161 --a------ C:\remove.bat
2008-04-29 18:31 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
2008-04-29 18:27 <DIR> d-------- C:\Program Files\Yahoo!
2008-04-29 18:25 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-04-17 22:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2008-04-17 22:28 <DIR> d-------- C:\Program Files\FlashGet
2008-04-17 22:25 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-17 22:22 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-04-17 22:22 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-04-17 22:22 <DIR> d-------- C:\WINDOWS\LastGood
2008-04-17 03:57 <DIR> d-------- C:\DOCUME~1\reuben\APPLIC~1\Teleca
2008-04-17 03:56 99,080 -ra------ C:\WINDOWS\system32\drivers\s116unic.sys
2008-04-17 03:56 98,696 -ra------ C:\WINDOWS\system32\drivers\s116obex.sys
2008-04-17 03:56 83,336 -ra------ C:\WINDOWS\system32\drivers\s116bus.sys
2008-04-17 03:56 23,176 -ra------ C:\WINDOWS\system32\drivers\s116nd5.sys
2008-04-17 03:56 15,112 -ra------ C:\WINDOWS\system32\drivers\s116mdfl.sys
2008-04-17 03:56 12,424 -ra------ C:\WINDOWS\system32\drivers\s116whnt.sys
2008-04-17 03:56 12,424 -ra------ C:\WINDOWS\system32\drivers\s116wh.sys
2008-04-17 03:56 12,424 -ra------ C:\WINDOWS\system32\drivers\s116cmnt.sys
2008-04-17 03:56 12,424 -ra------ C:\WINDOWS\system32\drivers\s116cm.sys
2008-04-17 03:56 11,016 -ra------ C:\WINDOWS\system32\drivers\s116cr.sys
2008-04-17 03:56 108,680 -ra------ C:\WINDOWS\system32\drivers\s116mdm.sys
2008-04-17 03:56 100,488 -ra------ C:\WINDOWS\system32\drivers\s116mgmt.sys
2008-04-16 03:44 73,601 -ra------ C:\WINDOWS\system32\MSMD4W.dll
2008-04-16 03:44 30,030 -ra------ C:\WINDOWS\system32\MSMWUD7.DLL
2008-04-16 03:44 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-04-08 11:51 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2008-04-04 19:57 229,376 --a------ C:\DOCUME~1\LOCALS~1\ntuser.dat
2008-04-04 19:57 1,986,560 --a------ C:\DOCUME~1\reuben\ntuser.dat
2008-04-02 13:16 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-02 13:15 163,840 --a------ C:\WINDOWS\BJPSUNST.EXE
2008-04-02 13:14 <DIR> d-------- C:\WINDOWS\StartHtmico
2008-04-02 13:13 90,112 -ra------ C:\WINDOWS\system32\CNMCP76.exe
2008-04-02 13:13 8,704 --a------ C:\WINDOWS\system32\CNMVS76.DLL
2008-04-02 13:13 139,776 --a------ C:\WINDOWS\system32\CNMLM76.DLL
2008-04-02 13:13 <DIR> d--h----- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
2008-04-02 13:12 <DIR> d-------- C:\Program Files\Canon
2008-04-01 17:04 0 --a------ C:\WINDOWS\PowerReg.dat
2008-04-01 17:02 <DIR> d-------- C:\Program Files\Liquid Entertainment
2008-03-30 23:15 <DIR> d-------- C:\Program Files\Winamp
2008-03-30 23:14 <DIR> d-------- C:\Program Files\VideoLAN
2008-03-30 23:13 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-30 23:12 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-03-30 23:12 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2008-03-30 23:12 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2008-03-30 23:12 <DIR> d-------- C:\DOCUME~1\reuben\APPLIC~1\Sony Ericsson
2008-03-30 23:11 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-03-30 23:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
2008-03-30 23:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
2008-03-30 21:13 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll
2008-03-30 21:13 <DIR> d-------- C:\Program Files\EA GAMES
2008-03-30 12:01 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-03-30 12:01 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
2008-03-30 11:22 <DIR> d-------- C:\DOCUME~1\reuben\APPLIC~1\WinRAR
2008-03-30 11:18 16,128 --a------ C:\WINDOWS\system32\drivers\MODEMCSA.sys
2008-03-30 11:17 <DIR> d-------- C:\Program Files\CONEXANT
2008-03-30 08:09 <DIR> d-------- C:\Program Files\Patrician III
2008-03-30 06:05 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2008-03-30 06:05 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2008-03-30 06:05 <DIR> d-------- C:\WINDOWS\Provisioning
2008-03-30 06:05 <DIR> d-------- C:\WINDOWS\PeerNet
2008-03-30 06:05 <DIR> d-------- C:\WINDOWS\ehome
2008-03-30 01:10 <DIR> d-------- C:\Program Files\Rainlendar2
2008-03-30 01:10 <DIR> d-------- C:\DOCUME~1\reuben\.rainlendar2
2008-03-30 01:07 <DIR> d-------- C:\Program Files\PowerISO
2008-03-30 01:03 1,047,552 --a------ C:\WINDOWS\system32\mfc71u.dll
2008-03-30 01:03 <DIR> d-------- C:\Program Files\Musicmatch
2008-03-30 01:03 <DIR> d-------- C:\DOCUME~1\reuben\APPLIC~1\Musicmatch
2008-03-30 01:01 <DIR> d-------- C:\Program Files\Google
2008-03-30 01:00 43,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-03-30 01:00 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-03-30 01:00 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-03-30 01:00 129,784 --a------ C:\WINDOWS\system32\pxafs.dll
2008-03-30 01:00 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2008-03-30 01:00 116,472 --------- C:\WINDOWS\system32\pxcpyi64.exe
2008-03-30 01:00 <DIR> d-------- C:\Program Files\DivX
2008-03-30 00:58 36,734 --a------ C:\WINDOWS\system32\OggDSuninst.exe
2008-03-30 00:57 60,273 --a------ C:\WINDOWS\system32\pthreadGC2.dll
2008-03-30 00:57 10,752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-03-30 00:57 <DIR> d-------- C:\Program Files\ffdshow
2008-03-30 00:57 <DIR> d-------- C:\Program Files\AC3Filter
2008-03-30 00:12 <DIR> d-------- C:\Programs
2008-03-29 23:49 3,252 --------- C:\WINDOWS\system32\drivers\PQNTDRV.SYS
2008-03-29 23:49 1,262,956 --------- C:\WINDOWS\system32\XMNT2001.EXE
2008-03-29 23:48 <DIR> d-------- C:\Program Files\PowerQuest
2008-03-29 23:38 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-03-29 23:37 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-03-29 23:37 <DIR> d-------- C:\Program Files\Common Files\L&H
2008-03-29 23:36 <DIR> d-------- C:\Program Files\Microsoft Works
2008-03-29 23:36 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-03-29 23:35 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-03-29 23:32 <DIR> d-------- C:\Program Files\DAEMON Tools
2008-03-29 23:30 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-03-29 23:24 9,855 --a------ C:\WINDOWS\system32\drivers\mdmxsdk.sys
2008-03-29 23:24 591,536 --a------ C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2008-03-29 23:24 57,344 --a------ C:\WINDOWS\system32\mdmxsdk.dll
2008-03-29 23:24 51,200 --a------ C:\WINDOWS\system32\carpdll.dll
2008-03-29 23:24 4,608 --a------ C:\WINDOWS\system32\carpserv.exe
2008-03-29 23:24 33,548 --a------ C:\WINDOWS\system32\drivers\strmdisp.sys


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2008-03-16 00:49:55 -------- d-----w C:\Program Files\Common Files\ODBC
2008-03-16 00:49:51 -------- d-----w C:\Program Files\Common Files\SpeechEngines


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
2007-12-19 05:49 817936 --a------ C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2005-09-24 01:12 63136 --a------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
2007-06-29 19:44 94308 --a------ C:\Program Files\FlashGet\jccatch.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
2007-12-13 06:09 222448 --a------ C:\Program Files\Yahoo!\Common\yiesrvc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
2007-05-16 13:05 163840 --a------ C:\Program Files\FlashGet\getflash.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2005-11-11 20:47 C:\WINDOWS\system32\nwiz.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-29 18:24]
"CARPService"="carpserv.exe" [2001-12-23 03:02 C:\WINDOWS\system32\carpserv.exe]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 09:10]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 06:29]
"Rainlendar2"="C:\Program Files\Rainlendar2\Rainlendar2.exe" [2007-04-15 14:31]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-01-13 09:13]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnsc"=C:\WINDOWS\system32\msnsc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microtek Scanner Finder.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microtek Scanner Finder.lnk
backup=C:\WINDOWS\pss\Microtek Scanner Finder.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
C:\PROGRA~1\MUSICM~1\MUSICM~1\mm_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
"C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{292edf14-f2f1-11dc-9604-806d6172696f}]
AutoRun\command- F:\
explore\Command- WScript.exe .\__.vbs
open\Command- WScript.exe .\__.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3801bbe-022f-11dd-ba18-00e04cb26136}]
AutoRun\command- G:\bar311.exe %1
Explore\command- G:\bar311.exe %1
Open\command- G:\bar311.exe %1

*Newly Created Service* - BITS

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-29 20:24:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2008-04-29 20:25:31

--- E O F ---



#2 SeiCair


Posted 29 April 2008 - 07:44 AM

This is the hijackthis.log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:47:21 PM, on 4/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FlashGet\FlashGet.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG7\avgwb.dat
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Yahoo! uC - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! uC - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5182 bytes

Edited by SeiCair, 29 April 2008 - 07:45 AM.


#3 ken545


Posted 18 May 2008 - 05:56 AM

Hello SeiCair
Welcome to the Bleeping Computer Malware Removal Forum. Sorry about the delay, but the number of people posting with infected computers is through the roof and sometimes we can't get to logs as fast as we would like to. If you have not resolved your issue and still need assistance, please post a new HJT log, as your system may have changed since your original post.

SeiCair, by replying to your own post you removed yourself from the Zero replies category that we look for to work logs, and it looked like you were being helped.

Ken

Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

Please consider a donation to help me keep up my fight against malware.

Just a reminder that threads will be closed if no response in 3 days


#4 ken545


Posted 31 May 2008 - 10:05 PM

Due to inactivity, this thread will now be closed. If you need this topic reopened, please contact a Staff member. Include the address of this thread in your request. This applies only to the original topic starter. Should you have a new issue, please start a New Topic.





