Author Topic: Computer Running Slow, Combofix and Hijack This Logs  (Read 6696 times)
wolfe
« on: July 09, 2011, 03:27:40 PM »

Hello, computer started running VERY slowly and I'm trying to figure out why.  It is my dad's and he had AVG, SpyBot, Malware Bytes, Hijack This, Combo Fix and a couple other free programs all running.  I uninstalled all and went with Combo Fix and Hijack This for a start.  As soon as I did that it seems to be working much faster but not at the point it should be at.  I have the same exact computer at home and it runs much faster.  Please take a look at these logs and let me know if you see anything that should be fixed.


ComboFix 11-07-08.03 - Johnsons 09/07/2011  11:02:06.2.2 - x86
Running from: c:\users\Johnsons\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Johnsons\kernel32.dll
c:\windows\security\Database\tmp.edb
c:\windows\Update.bat
.
.
(((((((((((((((((((((((((   Files Created from 2011-06-09 to 2011-07-09  )))))))))))))))))))))))))))))))
.
.
2011-07-09 15:14 . 2011-07-09 15:14   --------   d-----w-   c:\users\Public\AppData\Local\temp
2011-07-09 15:14 . 2011-07-09 15:14   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-07-09 14:47 . 2011-07-09 14:47   --------   d-----w-   c:\users\Johnsons\AppData\Local\Seven Zip
2011-06-29 04:14 . 2011-04-29 15:59   276992   ----a-w-   c:\windows\system32\schannel.dll
2011-06-27 14:53 . 2011-06-27 14:53   --------   d-----w-   c:\users\Johnsons\AppData\Local\{D222B517-21A6-4E68-A175-AA69A2778AE2}
2011-06-27 02:53 . 2011-06-27 02:53   --------   d-----w-   c:\users\Johnsons\AppData\Local\{934FEB9F-A79A-431B-8782-7B5B00E7FB1C}
2011-06-26 14:52 . 2011-06-26 14:52   --------   d-----w-   c:\users\Johnsons\AppData\Local\{A420EE45-F724-4439-9C76-161CC1CBA3B1}
2011-06-26 02:52 . 2011-06-26 02:52   --------   d-----w-   c:\users\Johnsons\AppData\Local\{E3609551-ACC1-4B1B-AA5F-47A22A89855A}
2011-06-25 14:52 . 2011-06-25 14:52   --------   d-----w-   c:\users\Johnsons\AppData\Local\{83A2BB7E-E951-4555-ABEA-E5150A4C9AEB}
2011-06-25 02:51 . 2011-06-25 02:51   --------   d-----w-   c:\users\Johnsons\AppData\Local\{0B878830-32B7-4897-A673-29AC1558BEB4}
2011-06-24 14:51 . 2011-06-24 14:51   --------   d-----w-   c:\users\Johnsons\AppData\Local\{DD9827CC-AF4D-46B0-B3BE-05295C156BAD}
2011-06-24 02:51 . 2011-06-24 02:51   --------   d-----w-   c:\users\Johnsons\AppData\Local\{6DAA34B7-80B8-4269-A9C9-E87950AE4EA7}
2011-06-23 14:50 . 2011-06-23 14:51   --------   d-----w-   c:\users\Johnsons\AppData\Local\{4E4E614E-C238-466A-A008-8D8D14C1AD64}
2011-06-23 02:50 . 2011-06-23 02:50   --------   d-----w-   c:\users\Johnsons\AppData\Local\{C42DF473-26AC-4BD0-A65E-026980321BE6}
2011-06-22 14:50 . 2011-06-22 14:50   --------   d-----w-   c:\users\Johnsons\AppData\Local\{3E4E64A8-B853-4B6A-AED1-2EC9A28AB235}
2011-06-22 02:49 . 2011-06-22 02:49   --------   d-----w-   c:\users\Johnsons\AppData\Local\{33A4C733-845F-4C8F-A024-461227FB4AC1}
2011-06-21 14:49 . 2011-06-21 14:49   --------   d-----w-   c:\users\Johnsons\AppData\Local\{23C8E515-9D1B-4BD3-854F-26F8FD8A0EF2}
2011-06-21 02:49 . 2011-06-21 02:49   --------   d-----w-   c:\users\Johnsons\AppData\Local\{A4FDB5E3-01DB-4690-85E1-B325C7EF7872}
2011-06-20 14:49 . 2011-06-20 14:49   --------   d-----w-   c:\users\Johnsons\AppData\Local\{2DD40C0C-FCC7-4E35-8BF2-02F12526A826}
2011-06-20 02:50 . 2011-06-20 02:50   --------   d-----w-   c:\users\Johnsons\AppData\Local\{93A93318-BD55-44A8-8628-0208C02FC45D}
2011-06-19 14:50 . 2011-06-19 14:50   --------   d-----w-   c:\users\Johnsons\AppData\Local\{4E0D3154-845D-412F-9833-065A923F3AF7}
2011-06-19 02:50 . 2011-06-19 02:50   --------   d-----w-   c:\users\Johnsons\AppData\Local\{DE962177-548E-43DE-BD5A-7DBCE131554C}
2011-06-18 14:49 . 2011-06-18 14:49   --------   d-----w-   c:\users\Johnsons\AppData\Local\{D11026A2-DA90-41F6-B5C5-B756C3821C8E}
2011-06-18 02:49 . 2011-06-18 02:49   --------   d-----w-   c:\users\Johnsons\AppData\Local\{10B6D253-AC32-4447-9D52-04AFCB388977}
2011-06-17 14:49 . 2011-06-17 14:49   --------   d-----w-   c:\users\Johnsons\AppData\Local\{8F7D4A6D-A14A-4415-B9B6-9B35F07E72D1}
2011-06-17 02:49 . 2011-06-17 02:49   --------   d-----w-   c:\users\Johnsons\AppData\Local\{2A6181FE-0012-4995-B624-E1F60DEFC508}
2011-06-16 14:48 . 2011-06-16 14:48   --------   d-----w-   c:\users\Johnsons\AppData\Local\{BD2B9767-DE1A-405E-AC2B-DCE040CC8067}
2011-06-16 01:34 . 2011-04-14 14:59   75264   ----a-w-   c:\windows\system32\drivers\dfsc.sys
2011-06-16 01:34 . 2011-04-21 13:58   273408   ----a-w-   c:\windows\system32\drivers\afd.sys
2011-06-16 01:34 . 2011-04-29 13:25   146432   ----a-w-   c:\windows\system32\drivers\srv2.sys
2011-06-16 01:34 . 2011-04-29 13:25   102400   ----a-w-   c:\windows\system32\drivers\srvnet.sys
2011-06-15 02:48 . 2011-06-16 02:48   --------   d-----w-   c:\users\Johnsons\AppData\Local\{45FAEEAE-7F0A-4CB8-BA22-5669766F986D}
2011-06-14 14:47 . 2011-06-14 14:47   --------   d-----w-   c:\users\Johnsons\AppData\Local\{DB006EA9-13F8-434B-AD2B-967771E6C821}
2011-06-14 02:47 . 2011-06-14 02:47   --------   d-----w-   c:\users\Johnsons\AppData\Local\{A02B4D5C-3A50-45EE-A5B2-13ADB5301696}
2011-06-13 14:46 . 2011-06-13 14:46   --------   d-----w-   c:\users\Johnsons\AppData\Local\{C0FC567D-CD12-4D54-8D56-67285459AB6F}
2011-06-13 02:46 . 2011-06-13 02:46   --------   d-----w-   c:\users\Johnsons\AppData\Local\{0617969A-53D9-402B-B67B-7BCAE7BB1788}
2011-06-12 14:51 . 2011-06-12 14:51   --------   d-----w-   c:\users\Johnsons\AppData\Local\{327CF95C-925A-4FBD-9CCF-1BC124E3B40A}
2011-06-12 02:51 . 2011-06-12 02:51   --------   d-----w-   c:\users\Johnsons\AppData\Local\{A861BA1F-EE68-45B9-BB9F-8CC9BB6A9B44}
2011-06-11 14:50 . 2011-06-11 14:51   --------   d-----w-   c:\users\Johnsons\AppData\Local\{2AE5B814-3088-4127-B62C-3391EBEA773A}
2011-06-11 02:50 . 2011-06-11 02:50   --------   d-----w-   c:\users\Johnsons\AppData\Local\{7F85AD1A-32E9-4840-9C06-DD27525BF65C}
2011-06-10 14:50 . 2011-06-10 14:50   --------   d-----w-   c:\users\Johnsons\AppData\Local\{64F2B18D-D14A-4124-B46B-8F3917436E6B}
2011-06-10 02:50 . 2011-06-10 02:50   --------   d-----w-   c:\users\Johnsons\AppData\Local\{4C0659C9-591A-4F03-AF06-775EB8491F52}
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-30 02:17 . 2009-11-12 03:00   101720   ----a-w-   c:\windows\system32\drivers\SBREDrv.sys
2011-05-04 08:52 . 2010-08-04 01:09   472808   ----a-w-   c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="c:\users\Johnsons\AppData\Roaming\mjusbsp\cdloader2.exe" [2010-12-03 50592]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="sttray.exe" [2006-11-02 303104]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-12-12 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-12-12 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-12-12 81920]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-499970891-710278843-565965484-500]
"EnableNotificationsRef"=dword:00000002
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9880b431fef90;Google Update Service (gupdate1c9880b431fef90);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-06 133104]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-06 133104]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys
R3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 2589184]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork   REG_MULTI_SZ      PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-06 00:14]
.
2011-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-06 03:30]
.
2011-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-06 03:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.sympatico.ca/default.aspx?lang=en-CA
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3611
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-09 11:15
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-07-09  11:22:37
ComboFix-quarantined-files.txt  2011-07-09 15:22
ComboFix2.txt  2010-11-05 00:36
.
Pre-Run: 98,278,449,152 bytes free
Post-Run: 98,604,199,936 bytes free
.
- - End Of File - - 4BCAAB0F7AD4D65F92FA737FC1FDCE4D
wolfe
« Reply #1 on: July 09, 2011, 03:28:47 PM »

Logfile of HijackThis v1.99.1
Scan saved at 11:28:27 AM, on 09/07/2011
Platform: Unknown Windows (WinNT 6.00.1906 SP2)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\WINDOWS\sttray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\PEV.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Johnsons\Documents\Spyware, Adware and Virus Tools\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/default.aspx?lang=en-CA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3611
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [cdloader] "C:\Users\Johnsons\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-ca.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9880b431fef90) (gupdate1c9880b431fef90) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Pancake
Global Moderator
« Reply #2 on: July 09, 2011, 10:52:48 PM »

That's all fine. I see no problems. My only comment is this...

You should not be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert." Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.
When issues arise due to complex malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment.

Please read the pinned topic ComboFix usage, Questions, Help? - Look here




wolfe
« Reply #3 on: July 10, 2011, 03:19:26 AM »

OK, thanks for the help and advice.
Pancake
Global Moderator
« Reply #4 on: July 10, 2011, 03:52:44 AM »

You're welcome.