
coudertk ComboFix report


  • This topic is locked
1 reply to this topic

#1 K Coudert

  • Members
  • 1 posts

Posted 08 September 2009 - 11:21 AM

ComboFix 09-09-07.05 - karine 08/09/2009 16:38.1.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1015.497 [GMT 1:00]
Running from: c:\documents and settings\karine\Bureau\coudertk.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-0171523437-2427991230-868464209-8555
c:\recycler\S-1-5-21-0807577229-7329236504-731916239-2930
c:\recycler\S-1-5-21-0889174209-6788408449-183422821-5746
c:\recycler\S-1-5-21-1664223568-1361745457-977673990-9561
c:\recycler\S-1-5-21-2612951839-6447291978-837377734-3112
c:\recycler\S-1-5-21-2811527838-7672552547-749670674-9314
c:\recycler\S-1-5-21-2811527838-7672552547-749670674-9314\Desktop.ini
c:\recycler\S-1-5-21-2811527838-7672552547-749670674-9314\nissan.exe
c:\recycler\S-1-5-21-4153531695-2495290622-948910198-3337
c:\recycler\S-1-5-21-4822592453-3275529006-507208427-6783
c:\recycler\S-1-5-21-5899376116-2107888259-631029300-6599
c:\recycler\S-1-5-21-6784739909-9560459721-012370242-2697
c:\recycler\S-1-5-21-7608926494-3300040301-086741476-5032
c:\windows\system32\drivers\kbiwkmyqooeute.sys
c:\windows\system32\kbiwkmasolvwml.dat
c:\windows\system32\kbiwkmmqptasrn.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_kbiwkmxvkipjwm
-------\Service_kbiwkmxvkipjwm


((((((((((((((((((((((((( Files Created from 2009-08-08 to 2009-09-08 )))))))))))))))))))))))))))))))
.

2009-09-08 09:40 . 2009-09-08 09:40 -------- d-----w- c:\program files\CCleaner
2009-09-08 08:33 . 2009-09-08 08:33 -------- d-----w- c:\program files\IZArc
2009-09-07 17:37 . 2009-09-07 17:37 -------- d-----w- c:\program files\MSXML 4.0
2009-09-07 14:15 . 2008-05-09 11:15 45376 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-09-07 14:15 . 2008-01-21 16:11 22336 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-09-07 14:15 . 2009-09-07 15:28 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-09-07 14:15 . 2009-09-07 14:15 -------- d-----w- c:\program files\Avira
2009-09-07 14:15 . 2009-09-07 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-09-07 09:12 . 2008-06-14 17:59 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-09-07 09:12 . 2008-06-14 17:59 272768 ------w- c:\windows\system32\drivers\bthport.sys
2009-09-07 07:36 . 2009-09-07 07:36 -------- d-----w- c:\windows\ServicePackFiles
2009-09-06 14:54 . 2008-08-14 13:44 2059776 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-09-06 14:54 . 2008-08-14 13:44 2182400 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-09-06 14:54 . 2008-08-14 13:44 2138112 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-09-06 14:54 . 2008-08-14 13:44 2017792 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-09-06 13:36 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-09-06 12:23 . 2009-09-07 17:39 -------- d--h--w- c:\windows\$hf_mig$
2009-09-06 12:08 . 2009-09-06 12:54 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-09-04 15:12 . 2009-09-04 15:12 -------- d-----w- C:\spoolerlogs
2009-09-04 15:08 . 2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-09-04 15:08 . 2009-08-24 12:05 206256 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-09-04 15:08 . 2009-08-19 09:01 86888 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-09-04 15:08 . 2009-09-04 15:09 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-09-04 15:08 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-09-04 15:08 . 2009-09-08 10:20 -------- d-----w- c:\program files\Spyware Doctor
2009-09-04 15:08 . 2009-09-04 15:08 -------- d-----w- c:\documents and settings\karine\Application Data\PC Tools
2009-09-04 15:08 . 2009-09-04 15:08 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-09-04 15:06 . 2009-09-08 15:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-04 13:28 . 2004-08-03 22:54 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-09-04 13:28 . 2004-08-03 22:54 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-09-04 11:02 . 2009-09-08 14:19 -------- d-----w- C:\$AVG8.VAULT$
2009-09-04 09:47 . 2009-09-04 09:47 -------- d-----w- c:\documents and settings\karine\Application Data\CyberLink
2009-09-04 09:47 . 2009-09-04 09:47 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-09-04 07:18 . 2009-09-08 15:22 -------- d-----w- c:\documents and settings\karine\Application Data\Skype
2009-09-04 07:14 . 2009-09-04 07:14 -------- d-----w- c:\program files\Skype
2009-09-04 07:13 . 2009-09-04 07:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-09-03 15:24 . 2009-09-03 15:24 -------- d-----w- c:\documents and settings\karine\Local Settings\Application Data\AVG Security Toolbar
2009-09-03 15:21 . 2009-09-04 09:12 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-03 15:21 . 2009-09-03 15:21 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-09-03 15:20 . 2009-09-04 09:12 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-03 15:20 . 2009-09-04 09:12 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-09-03 15:20 . 2009-09-07 16:25 -------- d-----w- c:\windows\system32\drivers\Avg
2009-09-03 15:20 . 2009-09-03 15:20 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-09-03 15:20 . 2009-09-03 15:20 -------- d-----w- c:\program files\AVG
2009-09-03 15:20 . 2009-09-08 15:35 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-03 15:14 . 2009-09-03 15:14 -------- d-----w- c:\windows\system32\LogFiles
2009-09-03 15:10 . 2009-09-03 15:10 0 ----a-w- c:\windows\nsreg.dat
2009-09-03 15:10 . 2009-09-03 15:10 -------- d-----w- c:\documents and settings\karine\Local Settings\Application Data\Mozilla
2009-09-03 13:56 . 2009-09-03 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Maxtor
2009-09-03 13:56 . 2009-09-03 13:56 -------- d-----w- c:\program files\Maxtor
2009-09-03 13:55 . 2009-09-03 13:55 -------- d-----w- c:\windows\Downloaded Installations
2009-09-03 13:55 . 2009-09-03 13:55 -------- d-----w- c:\program files\MSXML 6.0
2009-09-03 13:54 . 2009-09-03 13:54 -------- d-sh--w- c:\windows\ftpcache
2009-09-03 13:38 . 2001-08-23 15:04 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-09-03 13:38 . 2001-08-23 15:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-09-03 13:38 . 2001-08-17 20:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-09-03 13:38 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-09-03 11:25 . 2009-09-03 11:25 264097 ----a-w- c:\windows\PDFCreator_Toolbar_Uninstaller_1578.exe
2009-09-03 11:25 . 2009-09-03 11:25 -------- d-----w- c:\program files\PDFCreator Toolbar
2009-09-03 11:24 . 2001-10-28 15:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2009-09-03 11:24 . 2009-09-03 11:25 -------- d-----w- c:\program files\PDFCreator
2009-09-03 11:24 . 1998-07-13 00:08 119568 ----a-w- c:\windows\system32\VB6FR.DLL
2009-09-03 11:24 . 1998-07-13 00:08 59904 ----a-w- c:\windows\system32\MSCC2FR.DLL
2009-09-03 11:24 . 1998-07-13 00:08 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
2009-09-03 11:24 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2009-09-03 10:46 . 2009-09-03 10:46 -------- d-----w- C:\NVIDIA
2009-09-03 10:45 . 2009-09-03 10:45 -------- d-----w- C:\ATI
2009-09-03 10:37 . 2000-03-29 14:17 5824 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2009-09-03 10:30 . 2009-09-03 10:30 -------- d-----w- c:\program files\GIGABYTE
2009-09-03 10:25 . 2009-09-03 10:25 -------- d-----w- c:\program files\VIA
2009-09-03 10:25 . 2003-07-01 20:42 27904 ----a-w- c:\windows\system32\drivers\viaagp1.sys
2009-09-03 10:14 . 2009-09-03 10:14 -------- d-----w- c:\program files\Sonic
2009-09-03 10:09 . 2009-09-03 10:09 -------- d-----w- c:\windows\Drivers
2009-09-03 10:08 . 2009-09-03 10:08 -------- d-----w- c:\program files\S3Inc
2009-09-03 10:08 . 1998-07-30 15:40 306688 ----a-w- c:\windows\IsUn040c.exe
2009-09-03 10:04 . 2005-03-16 06:23 13696 ----a-r- c:\windows\system32\drivers\BIOS.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-08 09:46 . 2002-09-07 00:00 49932 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-08 09:46 . 2002-09-07 00:00 371070 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-03 13:56 . 2009-09-03 08:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-03 13:44 . 2009-09-03 09:01 63600 ----a-w- c:\documents and settings\karine\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-03 10:43 . 2009-09-03 10:43 -------- d-----w- c:\program files\Trident
2009-09-03 09:56 . 2009-09-03 08:56 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-09-03 09:55 . 2009-09-03 09:55 -------- d-----w- c:\documents and settings\karine\Application Data\AdobeUM
2009-09-03 09:44 . 2009-09-03 09:44 -------- d-----w- c:\program files\HP PCMCIA Smart Card Reader
2009-09-03 09:20 . 2009-09-03 09:20 1652 --sha-r- c:\windows\system32\drivers\103C_HP_NTBK_HP Compaq 6510b (GB867ET#ABF)_YN_0U_QCNU7260LJL_EU_46_I30C0_SHP_VKBC Version 71.27_B68DDU Ver. F.08_T070523_WXP2_L40C_M1016_J60_7Intel_8Core2 Duo T7100_91.8_#090903_N80864222_(GB867ET#ABF)_XMOBILE_CN10.MRK
2009-09-03 09:19 . 2009-09-03 09:08 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-03 09:19 . 2009-09-03 09:19 -------- d-----w- c:\program files\SP36691
2009-09-03 09:15 . 2009-09-03 09:15 -------- d-----w- c:\program files\DIFX
2009-09-03 09:14 . 2009-09-03 09:14 -------- d-----w- c:\program files\Intel
2009-09-03 09:13 . 2009-09-03 09:13 -------- d-----w- c:\program files\Broadcom
2009-09-03 09:11 . 2009-09-03 09:11 -------- d-----w- c:\program files\Analog Devices
2009-09-03 09:07 . 2009-09-03 08:49 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-09-03 09:00 . 2009-09-03 09:00 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-09-03 09:00 . 2009-09-03 09:00 -------- d-----w- c:\program files\Fichiers communs\LightScribe
2009-09-03 08:58 . 2009-09-03 08:58 -------- d-----w- c:\program files\Ahead
2009-09-03 08:58 . 2009-09-03 08:58 -------- d-----w- c:\program files\Fichiers communs\Ahead
2009-09-03 08:54 . 2009-09-03 08:53 -------- d-----w- c:\program files\CyberLink
2009-09-03 07:51 . 2009-09-03 07:51 -------- d-----w- c:\program files\Microsoft.NET
2009-09-03 07:50 . 2009-09-03 07:50 -------- d-----w- c:\program files\Microsoft Works
2009-09-03 07:27 . 2009-09-03 07:27 -------- d-----w- c:\program files\microsoft frontpage
2009-09-03 07:25 . 2009-09-03 07:25 -------- d-----w- c:\program files\Services en ligne
2009-09-03 07:23 . 2009-09-03 07:23 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-14 04:58 . 2009-09-04 15:08 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-08-05 09:06 . 2004-08-04 04:54 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 18:56 . 2004-08-04 04:54 58880 ----a-w- c:\windows\system32\atl.dll
2009-06-25 08:44 . 2004-08-04 04:54 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:44 . 2004-08-04 04:54 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:44 . 2004-08-04 04:54 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:44 . 2004-08-04 04:54 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:44 . 2004-08-04 04:54 731136 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:44 . 2004-08-04 04:54 298496 ----a-w- c:\windows\system32\kerberos.dll
2009-06-22 11:34 . 2004-08-04 02:59 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-15 11:33 . 2004-08-04 04:55 78848 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 11:32 . 2004-08-04 04:55 82944 ----a-w- c:\windows\system32\tlntsess.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-26 1008896]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-26 08:36 1008896 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-26 1008896]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-26 1008896]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-04 2007832]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-13 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-13 142360]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-04 09:12 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [04/09/2009 16:08 206256]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [03/09/2009 16:20 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [03/09/2009 16:21 108552]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [03/09/2009 11:04 13696]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [03/09/2009 16:20 297752]
R2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BACS\BPowMon.exe [31/08/2006 16:04 65536]
S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [17/07/2007 00:24 35072]
S3 i740;i740;c:\windows\system32\drivers\i740nt5.sys [03/09/2009 10:29 58592]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [04/09/2009 16:08 348752]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SiS Tray - d:\nvidia\WIN2000\SISTRAY.EXE


.
------- Supplementary Scan -------
.
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {4F14C780-4DE4-43BE-B656-90CF13BE8226} = 84.246.69.19
FF - ProfilePath - c:\documents and settings\karine\Application Data\Mozilla\Firefox\Profiles\jztk3bk2.default\
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 16:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\scardsvr.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Maxtor\Sync\SyncServices.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-09-08 16:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-08 15:46

Pre-Run: 52 464 586 752 octets libres
Post-Run: 52 463 706 112 octets libres

246 --- E O F --- 2009-09-07 17:39


#2 boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts

Posted 08 September 2009 - 02:28 PM

Hello K Coudert,

ComboFix should not be discussed outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read ComboFix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.

If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source.

This topic is now closed. If you have any questions, please PM me or another Moderator.
The BC Staff



