Hijacked links?

Comments

  • mrbadexample
    mrbadexample Posts: 10,805 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Photogenic
    Commit figures now:

    Total 271060
    Limit 2562008
    Peak 699184
    If you lend someone a tenner and never see them again, it was probably worth it.
  • mrbadexample
    mrbadexample Posts: 10,805 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Photogenic
    bat999 wrote: »
    OK, maybe it's called Microsoft Developer Studio

    I haven't got that either. :o
    If you lend someone a tenner and never see them again, it was probably worth it.
  • mrbadexample
    mrbadexample Posts: 10,805 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Photogenic
    closed wrote: »
    Not sure why malwarebytes is crashing, try running start, run

    chkdsk c: /r

    on the drive, answer Y, and it will check on reboot (might take a while if you want to do it before shopping)

    Ok, doing this next.
    If you lend someone a tenner and never see them again, it was probably worth it.
  • mrbadexample
    mrbadexample Posts: 10,805 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Photogenic
    Right then, the chkdsk also caused the PC to crash. It fixed some bad clusters in 17137 (some sample photo that I've now deleted), got about 27% through "verifying file data" (stage 4 of 5), then crashed. Did this twice to make sure.

    This is irritating purely because it's all extremely time consuming. Oh well, what's next then please? :(
    If you lend someone a tenner and never see them again, it was probably worth it.
  • GunJack
    GunJack Posts: 11,897 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    hmmmm.....apart from having the smallest HJT log I've ever seen :D

    might be time to try combofix..last one I saw that showed scrambled displays like you describe was deeply infected..

    restart the pc in safe mode with networking,

    download combofix:-
    http://www.bleepingcomputer.com/download/anti-virus/combofix

    will take you to the download page. Choose to Save the file, on your desktop.

    Double-click to run CF, and follow the instructions (you will have to turn off your anti-virus prog, and if it needs to install the windows recovery console, then it's safe to do so). Once it's finished, post the log back here.
    ......Gettin' There, Wherever There is......

    I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple :D
  • mrbadexample
    mrbadexample Posts: 10,805 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Photogenic
    GunJack wrote: »
    hmmmm.....apart from having the smallest HJT log I've ever seen :D

    I got told to delete most of it! :D

    Seriously - you lot could be telling me that the best way to sort it is to take a nice big magnet to the hard drive, and I'd probably do it.

    Well, ok, not that one. :p

    Off to do the combofix thing now then...
    If you lend someone a tenner and never see them again, it was probably worth it.
  • GunJack
    GunJack Posts: 11,897 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    a small hjt log is not a bad thing...we're just used to seeing monsters posted on here ;)
    ......Gettin' There, Wherever There is......

    I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple :D
  • mrbadexample
    mrbadexample Posts: 10,805 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Photogenic
    Combofix link 1 or 2?
    If you lend someone a tenner and never see them again, it was probably worth it.
  • GunJack
    GunJack Posts: 11,897 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    either should be fine, just two alternative download sites for the same thing
    ......Gettin' There, Wherever There is......

    I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple :D
  • mrbadexample
    mrbadexample Posts: 10,805 Forumite
    Part of the Furniture 10,000 Posts Combo Breaker Photogenic
    ComboFix 10-08-14.06 - Administrator 15/08/2010 17:10:56.1.1 - x86 NETWORK
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1982.1733 [GMT 1:00]
    Running from: c:\documents and settings\Administrator.USER-3FB2744D6A\My Documents\Downloads\ComboFix.exe
    AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\user\Local Settings\Application Data\{D24CA585-8846-45D9-86DA-9D38AE8BA623}
    c:\documents and settings\user\Local Settings\Application Data\{D24CA585-8846-45D9-86DA-9D38AE8BA623}\chrome.manifest
    c:\documents and settings\user\Local Settings\Application Data\{D24CA585-8846-45D9-86DA-9D38AE8BA623}\chrome\content\_cfg.js
    c:\documents and settings\user\Local Settings\Application Data\{D24CA585-8846-45D9-86DA-9D38AE8BA623}\chrome\content\overlay.xul
    c:\documents and settings\user\Local Settings\Application Data\{D24CA585-8846-45D9-86DA-9D38AE8BA623}\install.rdf

    .
    ((((((((((((((((((((((((( Files Created from 2010-07-15 to 2010-08-15 )))))))))))))))))))))))))))))))
    .

    2010-08-15 15:52 . 2010-08-15 15:52 d-----w- c:\documents and settings\Administrator.USER-3FB2744D6A\Local Settings\Application Data\Mozilla
    2010-08-14 23:35 . 2010-08-14 23:40 d-----w- c:\documents and settings\user\Application Data\Nokia
    2010-08-14 23:24 . 2010-08-14 23:24 204496 ----a-w- C:\StartUpLite.exe
    2010-08-14 22:45 . 2010-08-15 16:04 d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
    2010-08-14 19:39 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-14 19:39 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-13 22:27 . 2010-08-13 22:27 d-----w- c:\program files\Common Files\Logitech
    2010-08-13 22:27 . 2010-08-13 22:27 d-----w- c:\documents and settings\user\Local Settings\Application Data\Downloaded Installations
    2010-07-30 13:30 . 2010-07-30 13:30 d-----w- c:\documents and settings\user\.gnubg
    2010-07-30 13:29 . 2010-07-30 13:29 25135242 ----a-w- C:\gnubg-MAIN-20100713-setup.exe
    2010-07-29 12:51 . 2010-07-29 12:54 8573648 ----a-w- C:\Firefox Setup 3.6.8.exe
    2010-07-19 18:20 . 2010-07-19 18:23 d-----w- c:\documents and settings\All Users\Application Data\DivX

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-15 16:16 . 2009-01-04 16:08 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
    2010-08-15 16:16 . 2009-01-04 16:08 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
    2010-08-14 22:52 . 2008-08-17 07:05 d-----w- c:\program files\Alwil Software
    2010-08-14 22:50 . 2008-09-27 20:21 d-----w- c:\documents and settings\user\Application Data\SUPERAntiSpyware.com
    2010-08-14 22:50 . 2008-09-27 20:21 d-----w- c:\program files\SUPERAntiSpyware
    2010-08-14 22:49 . 2008-04-12 22:52 d-----w- c:\program files\Lavasoft
    2010-08-14 19:59 . 2008-05-24 16:16 d-----w- c:\documents and settings\All Users\Application Data\Google Updater
    2010-08-14 19:39 . 2009-01-30 15:17 d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-14 19:37 . 2008-09-28 21:48 d-----w- c:\program files\Spybot - Search & Destroy
    2010-07-31 01:54 . 2009-04-30 17:36 d-----w- c:\documents and settings\user\Application Data\Spotify
    2010-07-30 13:30 . 2007-02-08 21:49 d-----w- c:\program files\gnubg
    2010-07-22 22:29 . 2010-07-22 22:29 655360 ----a-w- c:\documents and settings\user\Application Data\Spotify\Gracenote\gnsdk_sdkmanager.dll
    2010-07-22 22:29 . 2010-07-22 22:29 282624 ----a-w- c:\documents and settings\user\Application Data\Spotify\Gracenote\gnsdk_musicid_file.dll
    2010-07-22 22:29 . 2010-07-22 22:29 208896 ----a-w- c:\documents and settings\user\Application Data\Spotify\Gracenote\gnsdk_dsp.dll
    2010-07-19 18:24 . 2010-07-19 18:24 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-07-19 18:23 . 2008-06-22 01:36 d-----w- c:\program files\DivX
    2010-07-19 18:23 . 2009-11-16 23:28 d-----w- c:\program files\Common Files\DivX Shared
    2010-07-19 18:23 . 2010-07-19 18:23 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-07-19 18:23 . 2010-07-19 18:23 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
    2010-07-19 18:22 . 2008-06-22 01:39 d-----w- c:\documents and settings\user\Application Data\DivX
    2010-07-19 18:22 . 2010-07-19 18:22 84054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
    2010-07-19 18:22 . 2010-07-19 18:22 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
    2010-07-19 18:21 . 2010-07-19 18:21 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
    2010-07-19 18:21 . 2010-07-19 18:21 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
    2010-07-19 18:21 . 2010-07-19 18:21 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
    2010-07-19 18:21 . 2010-07-19 18:21 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
    2010-07-19 18:21 . 2010-07-19 18:21 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
    2010-07-19 18:20 . 2010-07-19 18:23 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
    2010-07-19 18:20 . 2010-07-19 18:23 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
    2010-06-30 12:31 . 2004-08-12 14:04 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-29 21:21 . 2010-06-06 21:55 d-----w- c:\program files\SpeedFan
    2010-06-24 12:10 . 2004-08-12 14:09 667136 ----a-w- c:\windows\system32\wininet.dll
    2010-06-24 12:10 . 2004-08-12 13:58 81920 ----a-w- c:\windows\system32\ieencode.dll
    2010-06-23 13:44 . 2004-08-12 14:09 1851904 ----a-w- c:\windows\system32\win32k.sys
    2010-06-21 15:27 . 2004-08-12 14:06 354304 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-06-17 14:03 . 2004-08-12 13:57 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-14 14:31 . 2007-02-08 13:04 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-06-14 07:41 . 2004-08-12 14:01 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2010-06-09 23:01 . 2008-06-22 01:37 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
    2010-06-09 23:01 . 2008-06-22 01:37 126448 ------w- c:\windows\system32\pxinsi64.exe
    2010-06-09 23:01 . 2008-06-22 01:37 123888 ------w- c:\windows\system32\pxcpyi64.exe
    2010-06-09 23:01 . 2008-06-22 01:37 133616 ------w- c:\windows\system32\pxafs.dll
    2010-06-06 21:54 . 2010-06-06 21:54 1891864 ----a-w- C:\installspeedfan440.exe
    2010-05-26 14:51 . 2007-07-01 01:34 45312 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "S3Trayp"="S3trayp.exe" [2005-10-31 163840]
    "RTHDCPL"="RTHDCPL.EXE" [2006-04-17 16143872]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
    "c:\\Program Files\\BitLord\\BitLord.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Tams11\\Games\\Wiz Word\\wizword.exe"=
    "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Spotify\\spotify.exe"=
    "c:\\Program Files\\Cyanide\\Blood Bowl\\Autorun\\Exe\\Autorun.exe"=
    "c:\\Program Files\\Cyanide\\Blood Bowl\\BB.exe"=
    "c:\\Program Files\\Microsoft Games\\Age of Empires\\EMPIRES.EXE"=
    "c:\\Program Files\\Microsoft Games\\Age of Empires\\EMPIRESX.EXE"=

    R3 S3G700;S3G700;c:\windows\system32\drivers\S3G700m.sys [08/02/2007 14:45 794624]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [14/08/2010 20:39 38224]
    S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
    S3 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 12:31 92008]
    S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [28/12/2009 19:28 135664]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0fd32ad4-948c-11dd-ae86-0016179c7907}]
    \Shell\AutoRun\command - E:\Autorun.exe /run
    \Shell\Shell00\Command - E:\Autorun.exe /run
    \Shell\Shell01\Command - E:\Autorun.exe /action
    \Shell\Shell02\Command - E:\Autorun.exe /uninstall

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd311f7a-c4fb-11dc-ad38-0016179c7907}]
    \Shell\AutoRun\command - E:\InstallTomTomHOME.exe
    .
    Contents of the 'Scheduled Tasks' folder

    2010-08-15 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-24 17:24]

    2010-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 18:28]

    2010-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 18:28]
    .
    .
    Supplementary Scan
    .
    uStart Page = hxxp://mail.lycos.com/lycos/Index.lycos
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\ujyggtk8.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.startup.homepage - hxxp://mail.lycos.com/lycos/Index.lycos
    FF - component: c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\ujyggtk8.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\ujyggtk8.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
    FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
    FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    - - - - ORPHANS REMOVED - - - -

    MSConfigStartUp-CTFMON - (no file)
    AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-08-15 17:16
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    LOCKED REGISTRY KEYS

    [HKEY_USERS\S-1-5-21-602162358-515967899-682003330-1004\Software\SecuROM\License information*]
    "datasecu"=hex:ff,4f,b0,d4,57,ff,9b,fe,72,07,7a,c8,bf,4e,5c,b5,6a,63,6e,49,59,
    cd,bd,93,bb,ae,33,bd,69,a3,45,6e,b9,85,6f,c8,b3,cf,8d,57,09,26,77,5f,b7,0c,\
    "rkeysecu"=hex:4f,71,6d,40,a0,60,33,74,b1,6d,94,fa,68,ae,dd,37
    .
    DLLs Loaded Under Running Processes

    - - - - - - - > 'explorer.exe'(4288)
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Other Running Processes
    .
    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    c:\windows\system32\S3trayp.exe
    c:\windows\RTHDCPL.EXE
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2010-08-15 17:24:14 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-08-15 16:24

    Pre-Run: 35,142,615,040 bytes free
    Post-Run: 33,323,134,976 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    - - End Of File - - 9E72EF7488575522EAD25284FDBE6BD0
    If you lend someone a tenner and never see them again, it was probably worth it.
This discussion has been closed.