Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My computer can't access certain websites


  • This topic is locked This topic is locked
2 replies to this topic

#1 nomorevirusforme

nomorevirusforme

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:57 PM

Posted 06 April 2010 - 10:17 PM

I can not access any site that is used to check for or clean viruses on my other computer. I am on a laptop posting this question because my computer can not get to bleepingcomputer.com.

When I go to certain websites using IE or Firefox I am unable to get to the site, I just get a page that says this page can not available to check and make sure I am online. I also notice that my Windows Defender is not functioning and neither is my McCafee. When I try to go to McCafee's website to update my virus definitions it takes me to the "this page is not available", if I go to Norton same thing. My internet provider said I may need to reinstall McCafee but at this point all I am able to do is uninstall it since it can not get to the site to run updates. If I go to google and conduct a search for virus checking or spyware software I have no problem returning search results but as soon as I click on a link to go to the site I get the bad page again. I actually have to use a separate computer to access this site because this site is being blocked as well. I have noticed that the pages are being redirected to an IP address 64.111 212.229 prior to receiving the bad page.

Can you help me?

ComboFix 10-04-19.08 - Kris 04/20/2010 19:50:15.1.2 - x86 NETWORK
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6001.1.1252.1.1033.18.2814.2249 [GMT -4:00]
Running from: c:usersKrisDesktopComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:$recycle.binS-1-5-21-1006404772-3858300709-782108598-500
c:$recycle.binS-1-5-21-2759280842-944992480-3630274183-500
C:NORTON~1.EXE
c:usersKrisAppDataLocal010112010146111103.xxe
c:usersKrisAppDataLocalrdr_1268828265.exe
c:windowsbk23567.dat
c:windowsfdgg34353edfgdfdf
c:windowsligh
c:windowssystem32driversimapioko.sys
c:windowssystem32erokosvc.dll
c:windowssystem32MSVolume.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------Legacy_APTO6KO
-------Service_apto6ko
-------Service_cpqoko6


((((((((((((((((((((((((( Files Created from 2010-03-20 to 2010-04-20 )))))))))))))))))))))))))))))))
.

2010-04-20 23:57 . 2010-04-21 00:01 -------- d-----w- c:usersKrisAppDataLocaltemp
2010-04-20 23:57 . 2010-04-20 23:57 -------- d-----w- c:usersDefaultAppDataLocaltemp
2010-04-08 02:56 . 2010-01-05 22:04 9344 ----a-w- c:windowssystem32driversmfeclnk.sys
2010-04-08 02:56 . 2010-01-05 22:04 83496 ----a-w- c:windowssystem32driversmferkdet.sys
2010-04-08 02:56 . 2010-01-05 22:04 64304 ----a-w- c:windowssystem32driversmfenlfk.sys
2010-04-08 02:56 . 2010-01-05 22:04 51688 ----a-w- c:windowssystem32driversmfebopk.sys
2010-04-08 02:56 . 2010-01-05 22:04 312584 ----a-w- c:windowssystem32driversmfefirek.sys
2010-04-08 02:56 . 2010-01-05 22:04 160720 ----a-w- c:windowssystem32driversmfewfpk.sys
2010-04-08 02:56 . 2010-01-05 22:04 152320 ----a-w- c:windowssystem32driversmfeavfk.sys
2010-04-08 02:56 . 2010-01-05 22:04 55456 ----a-w- c:windowssystem32driverscfwids.sys
2010-04-08 02:56 . 2010-04-08 02:57 -------- d-----w- c:program filesCommon FilesMcafee
2010-04-08 02:56 . 2010-04-08 02:56 -------- d-----w- c:program filesMcAfee.com
2010-04-08 02:56 . 2010-04-08 23:48 -------- d-----w- c:program filesMcAfee
2010-04-07 01:04 . 2010-04-07 01:04 -------- d-----w- c:windowsSun
2010-04-07 00:36 . 2010-04-08 01:36 -------- d-----w- c:programdataNorton
2010-03-24 00:29 . 2010-03-24 00:29 20480 ---ha-w- C:SZKGFS.dat
2010-03-24 00:27 . 2010-03-24 00:27 -------- d-----w- c:programdataSITEguard
2010-03-24 00:25 . 2010-03-24 00:26 -------- d-----w- c:program filesSTOPzilla!
2010-03-24 00:25 . 2010-03-24 00:25 -------- d-----w- c:program filesCommon FilesiS3
2010-03-24 00:25 . 2010-04-06 23:34 -------- d-----w- c:programdataSTOPzilla!

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-21 00:02 . 2009-02-21 03:42 -------- d-----w- c:programdataGoogle Updater
2010-04-21 00:02 . 2008-12-13 20:39 -------- d-----w- c:usersKrisAppDataRoamingLimeWire
2010-04-20 23:59 . 2008-12-29 01:02 27744 ----a-w- c:programdatanvModes.dat
2010-04-09 04:33 . 2008-11-29 01:08 83984 ----a-w- c:usersKrisAppDataLocalGDIPFONTCACHEV1.DAT
2010-04-08 23:51 . 2008-11-28 21:16 -------- d-----w- c:programdataMcAfee
2010-04-06 03:41 . 2010-04-06 03:40 848 ----a-w- c:windowssystem32driverskgpfr2.cfg
2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:programdataAdobeReader8.2ARM10221AdobeARM.exe
2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:programdataAdobeReader8.2ARM10221AdobeExtractFiles.dll
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:programdataAdobeReader8.2ARM10221ReaderUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:programdataAdobeReader8.2ARM10221AcrobatUpdater.exe
2010-03-20 19:36 . 2008-08-04 18:21 -------- d-----w- c:program filesCommon FilesAdobe
2010-03-20 13:30 . 2009-01-21 02:36 1008 ----a-w- c:usersKrisAppDataRoamingwklnhst.dat
2010-03-15 11:32 . 2010-03-15 11:32 -------- d-----w- c:programdataOffice Genuine Advantage
2010-03-12 13:06 . 2009-04-09 00:17 680 ----a-w- c:usersKrisAppDataLocald3d9caps.dat
2010-03-11 08:22 . 2006-11-02 11:18 -------- d-----w- c:program filesWindows Mail
2010-03-11 08:06 . 2008-08-04 18:13 -------- d-----w- c:programdataMicrosoft Help
2010-03-05 22:16 . 2010-03-05 22:16 17408 ----a-r- c:windowssystem32SZIO5.dll
2010-03-05 22:14 . 2010-03-05 22:14 442368 ----a-r- c:windowssystem32SZBase5.dll
2010-03-05 22:13 . 2010-03-05 22:13 540672 ----a-r- c:windowssystem32SZComp5.dll
2010-02-24 19:06 . 2010-02-24 19:06 173328 ----a-r- c:windowssystem32driversSZKGFS.sys
2010-02-20 23:39 . 2010-03-11 08:01 24064 ----a-w- c:windowssystem32nshhttp.dll
2010-02-20 23:37 . 2010-03-11 08:00 31232 ----a-w- c:windowssystem32httpapi.dll
2010-02-20 21:18 . 2010-03-11 08:00 411136 ----a-w- c:windowssystem32drivershttp.sys
2010-02-18 01:48 . 2010-02-18 01:48 72488 ----a-w- c:programdataApple ComputerInstaller CacheiTunes 9.0.3.15SetupAdmin.exe
2010-02-18 01:45 . 2010-02-18 01:45 79144 ----a-w- c:programdataApple ComputerInstaller CacheSafari 5.31.21.10SetupAdmin.exe
2010-02-14 18:05 . 2010-02-14 18:05 3695616 ----a-w- c:programdataLavasoftAd-AwareUpdateAutoLaunch.exe
2010-02-14 18:05 . 2010-02-14 18:05 562552 ----a-w- c:programdataLavasoftAd-AwareUpdateAd-AwareCommand.exe
2010-02-14 18:05 . 2010-02-14 18:05 566632 ----a-w- c:programdataLavasoftAd-AwareUpdateAd-AwareAdmin.exe
2010-02-14 18:05 . 2010-02-14 18:05 2353992 ----a-w- c:programdataLavasoftAd-AwareUpdateAd-Aware.exe
2010-02-14 18:05 . 2010-02-14 18:05 640760 ----a-w- c:programdataLavasoftAd-AwareUpdateAAWWSC.exe
2010-02-14 18:05 . 2010-02-14 18:05 520024 ----a-w- c:programdataLavasoftAd-AwareUpdateAAWTray.exe
2010-02-14 18:04 . 2010-02-14 18:04 1028432 ----a-w- c:programdataLavasoftAd-AwareUpdateAAWService.exe
2010-02-08 11:53 . 2009-09-20 21:06 1 ----a-w- c:usersKrisAppDataRoamingOpenOffice.org3useruno_packagescachestamp.sys
2010-01-25 12:48 . 2010-02-23 23:13 472576 ----a-w- c:windowssystem32secproc_isv.dll
2010-01-25 12:48 . 2010-02-23 23:13 151040 ----a-w- c:windowssystem32secproc_ssp_isv.dll
2010-01-25 12:48 . 2010-02-23 23:13 151040 ----a-w- c:windowssystem32secproc_ssp.dll
2010-01-25 12:48 . 2010-02-23 23:13 472064 ----a-w- c:windowssystem32secproc.dll
2010-01-25 12:45 . 2010-02-23 23:13 329216 ----a-w- c:windowssystem32msdrm.dll
2010-01-25 08:35 . 2010-02-23 23:13 346624 ----a-w- c:windowssystem32RMActivate_ssp_isv.exe
2010-01-25 08:35 . 2010-02-23 23:13 523776 ----a-w- c:windowssystem32RMActivate_isv.exe
2010-01-25 08:34 . 2010-02-23 23:13 511488 ----a-w- c:windowssystem32RMActivate.exe
2010-01-25 08:34 . 2010-02-23 23:13 347136 ----a-w- c:windowssystem32RMActivate_ssp.exe
2010-01-23 09:44 . 2010-02-23 23:14 2048 ----a-w- c:windowssystem32tzres.dll
2010-01-05 22:04 . 2010-04-08 02:57 24376 ----a-w- c:program filesmozilla firefoxcomponentsScriptff.dll
2008-08-04 15:03 . 2008-08-04 15:03 8192 --sha-w- c:windowsUsersDefaultNTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"ehTray.exe"="c:windowsehomeehTray.exe" [2008-01-21 125952]
"Sidebar"="c:program filesWindows Sidebarsidebar.exe" [2008-01-21 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"LightScribe Control Panel"="c:program filesCommon FilesLightScribeLightScribeControlPanel.exe" [2008-02-26 2289664]
"MsnMsgr"="c:program filesWindows LiveMessengermsnmsgr.exe" [2009-07-26 3883856]
"Aim6"="c:program filesAIM6aim6.exe" [2007-12-19 50528]
"GoToMeeting"="c:program filesCitrixGoToMeeting320g2mstart.exe" [2009-02-18 31552]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"SynTPEnh"="c:program filesSynapticsSynTPSynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:program filesHPQuickPlayQPService.exe" [2008-06-12 468264]
"hpqSRMon"="c:program filesHPDigital ImagingbinhpqSRMon.exe" [2008-06-02 80896]
"HP Health Check Scheduler"="c:program filesHewlett-PackardHP Health CheckHPHC_Scheduler.exe" [2008-04-15 70912]
"HP Software Update"="c:program filesHpHP Software UpdateHPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:program filesHewlett-PackardHP Wireless AssistantHPWAMain.exe" [2008-04-15 488752]
"SunJavaUpdateSched"="c:program filesJavajre6binjusched.exe" [2009-09-20 149280]
"Ad-Watch"="c:program filesLavasoftAd-AwareAAWTray.exe" [2010-02-14 520024]
"iTunesHelper"="c:program filesiTunesiTunesHelper.exe" [2010-01-23 141608]
"Adobe Reader Speed Launcher"="c:program filesAdobeReader 8.0ReaderReader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2010-03-24 952768]
"NvCplDaemon"="c:windowssystem32NvCpl.dll" [2008-07-11 13543968]
"NvMediaCenter"="c:windowssystem32NvMcTray.dll" [2008-07-11 92704]
"UCam_Menu"="c:program filesCyberLinkYouCamMUITransferMUIStartMenu.exe" [2007-12-24 222504]
"Windows Defender"="c:program filesWindows DefenderMSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:program filesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe" [2008-03-14 202032]
"Intuit SyncManager"="c:program filesCommon FilesIntuitSyncIntuitSyncManager.exe" [2008-09-09 623880]
"QuickTime Task"="c:program filesQuickTimeQTTask.exe" [2009-11-11 417792]
"mcui_exe"="c:program filesMcAfee.comAgentmcagent.exe" [2010-02-04 1179952]

c:usersKrisAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
LimeWire On Startup.lnk - c:program filesLimeWireLimeWire.exe [2008-9-18 147456]
OpenOffice.org 3.1.lnk - c:program filesOpenOffice.org 3programquickstart.exe [2009-8-18 384000]

c:programdataMicrosoftWindowsStart MenuProgramsStartup
QuickBooks Update Agent.lnk - c:program filesCommon FilesIntuitQuickBooksQBUpdateqbupdate.exe [2008-9-11 984352]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalLavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalmcmscsvc]
@=""

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMCODS]
@=""

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinDefend]
@="Service"

R0 szkg5;szkg5;c:windowssystem32DRIVERSszkg.sys [2009-12-07 61328]
R2 gupdate1c993d6de3046c0;Google Update Service (gupdate1c993d6de3046c0);c:program filesGoogleUpdateGoogleUpdate.exe [2009-02-21 133104]
R3 mferkdet;McAfee Inc. mferkdet;c:windowssystem32driversmferkdet.sys [2010-01-05 83496]
S0 is3srv;is3srv;c:windowssystem32driversis3srv.sys [2009-12-07 61328]
S0 Lbd;Lbd;c:windowssystem32DRIVERSLbd.sys [2009-05-26 64160]
S0 szkgfs;szkgfs;c:windowssystem32driversszkgfs.sys [2010-02-24 173328]
S1 mfenlfk;McAfee NDIS Light Filter;c:windowssystem32DRIVERSmfenlfk.sys [2010-01-05 64304]
S1 mfewfpk;McAfee Inc. mfewfpk;c:windowssystem32driversmfewfpk.sys [2010-01-05 160720]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:program filesLavasoftAd-AwareAAWService.exe [2010-02-14 1028432]
S2 McMPFSvc;McAfee Personal Firewall;c:program filesCommon FilesMcafeeMcSvcHostMcSvHost.exe [2009-12-15 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;c:program filesCommon FilesMcafeeMcSvcHostMcSvHost.exe [2009-12-15 271480]
S2 mfefire;McAfee Firewall Core Service;c:program filesCommon FilesMcAfeeSystemCoremfefire.exe [2010-01-05 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:program filesCommon FilesMcAfeeSystemCoremfevtps.exe [2010-01-05 141792]
S2 Recovery Service for Windows;Recovery Service for Windows;c:windowsSMINSTBLService.exe [2008-04-26 361808]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:program filesViewpointCommonViewpointService.exe [2007-01-04 24652]
S3 cfwids;McAfee Inc. cfwids;c:windowssystem32driverscfwids.sys [2010-01-05 55456]
S3 Com4QLBEx;Com4QLBEx;c:program filesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe [2008-04-03 193840]
S3 mfefirek;McAfee Inc. mfefirek;c:windowssystem32driversmfefirek.sys [2010-01-05 312584]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:windowssystem32driversnvhda32v.sys [2008-05-09 43040]
S3 OA004Ufd;Creative Camera OA004 Upper Filter Driver;c:windowssystem32DRIVERSOA004Ufd.sys [2008-06-03 144672]
S3 OA004Vid;Creative Camera OA004 Function Driver;c:windowssystem32DRIVERSOA004Vid.sys [2008-07-17 269760]


--- Other Services/Drivers In Memory ---

*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionsvchost]
tapisrvs REG_MULTI_SZ cpqoko6

[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 21:06 451872 ----a-w- c:program filesCommon FilesLightScribeLSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2009-03-18 c:windowsTasksAd-Aware Update (Weekly).job
- c:program filesLavasoftAd-AwareAd-AwareAdmin.exe [2009-03-09 18:05]

2010-04-21 c:windowsTasksGoogle Software Updater.job
- c:program filesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-02-21 23:15]

2010-04-20 c:windowsTasksGoogleUpdateTaskMachineCore.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2009-02-21 03:45]

2010-04-09 c:windowsTasksGoogleUpdateTaskMachineUA.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2009-02-21 03:45]

2010-04-06 c:windowsTasksHPCeeScheduleForKris.job
- c:program fileshewlett-packardsdpceementHPCEE.exe [2008-08-04 03:03]

2010-04-21 c:windowsTasksUser_Feed_Synchronization-{5DE8E15F-520F-435A-BF31-71EBC4B6D1CD}.job
- c:windowssystem32msfeedssync.exe [2008-01-21 02:24]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyServer = 10.1.1.23:8080
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:progra~1MICROS~3Office12EXCEL.EXE/3000
Trusted Zone: symantec.comssae
Trusted Zone: symantec.comwebdl
Trusted Zone: symantec.comwww
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:program filesIntuitQuickBooks 2009HelpAsyncPluggableProtocol.dll
FF - ProfilePath - c:usersKrisAppDataRoamingMozillaFirefoxProfilesgzb3zgfp.default
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - plugin: c:program filesGoogleGoogle Earthpluginnpgeplugin.dll
FF - plugin: c:program filesGoogleGoogle Updater2.4.1536.6592npCIDetect13.dll
FF - plugin: c:program filesGoogleUpdate1.2.183.23npGoogleOneClick8.dll
FF - plugin: c:program filesMicrosoftOffice LivenpOLW.dll
FF - plugin: c:program filesViewpointViewpoint Media PlayernpViewpoint.dll
FF - plugin: c:program filesWindows LivePhoto GalleryNPWLPG.dll
FF - plugin: c:usersKrisAppDataRoamingMove Networkspluginsnpqmp071701000002.dll
FF - plugin: c:usersKrisAppDataRoamingMozillaFirefoxProfilesgzb3zgfp.defaultextensionsfirefox@tvunetworks.compluginsnpTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Move Networks Player - IE - c:usersKrisAppDataRoamingMove Networksie_binUninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-20 20:03
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-08002BE10318}0000AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:windowssystem32nvvsvc.exe
c:windowssystem32rundll32.exe
c:windowssystem32WLANExt.exe
c:program filesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
c:program filesBonjourmDNSResponder.exe
c:program filesCommon FilesLightScribeLSSrvc.exe
c:program filesGoogleUpdate1.2.183.23GoogleCrashHandler.exe
c:program filesCommon FilesIntuitQuickBooksQBCFMonitorService.exe
c:program filesCyberLinkShared FilesRichVideo.exe
c:program filesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe
c:windowssystem32DRIVERSxaudio.exe
c:program filesCommon FilesMcAfeeSystemCoremcshield.exe
c:program filesCommon FilesMcAfeeSystemCoremfefire.exe
c:windowsehomeehmsas.exe
c:windowssystem32wbemunsecapp.exe
c:program filesHewlett-PackardSharedhpqWmiEx.exe
c:program filesOpenOffice.org 3programsoffice.exe
c:program filesOpenOffice.org 3programsoffice.bin
c:program filesHewlett-PackardSharedHpqToaster.exe
c:program filesCitrixGoToMeeting320g2mcomm.exe
c:program filesCitrixGoToMeeting320g2mlauncher.exe
c:program filesHewlett-PackardHP Health Checkhphc_service.exe
c:program filesAIM6aolsoftware.exe
c:windowsservicingTrustedInstaller.exe
c:progra~1mcafee.comagentmcupdate.exe
.
**************************************************************************
.
Completion time: 2010-04-20 20:12:30 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-21 00:12

Pre-Run: 179,721,641,984 bytes free
Post-Run: 176,635,367,424 bytes free

- - End Of File - - CE86C8478AD18E8F88424FA833653413

Edited by Budapest, 20 April 2010 - 07:51 PM.
Moved from AII and posts merged ~BP


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:57 PM

Posted 21 April 2010 - 06:53 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:57 PM

Posted 26 April 2010 - 06:44 PM

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users