Can anyone check my ComboFix log?

This is a discussion within the Inactive Malware Help Topics forums, part of the Tech Support Forum category.
06-05-2012, 07:44 AM   #1
Registered Member
 
Join Date: Jun 2012
Posts: 1
OS: Windows 7 Home Premium



Hey, just ran ComboFix. So I was wondering if anyone could check my log?
Well, here it is :)

ComboFix 12-06-05.01 - Hans 05.06.2012 14:24:12.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1033.18.4095.2222 [GMT 2:00]
Kjører fra: c:\users\Hans\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: SPYWAREfighter *Disabled/Updated* {2CA2BED9-C3E1-63C9-3FCE-3527C816A7C9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\9tlerxv1.vbt
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2012-05-05 til 2012-06-05 )))))))))))))))))))))))))))))))))
.
.
2012-06-05 11:52 . 2012-06-05 12:22 -------- d-----w- c:\programdata\clp
2012-06-05 11:51 . 2012-06-05 11:51 -------- d-----w- c:\program files (x86)\Common Files\Common Toolkit Suite
2012-06-05 11:51 . 2012-06-05 11:51 -------- d-----w- c:\program files (x86)\Fighters
2012-06-05 11:51 . 2012-06-05 11:51 -------- d-----w- c:\programdata\Common Toolkit Suite
2012-06-05 11:50 . 2012-06-05 11:51 -------- d-----w- c:\programdata\Fighters
2012-06-05 11:31 . 2012-05-14 23:41 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D14AE41C-C96D-4DD3-82D1-06A091F735B7}\mpengine.dll
2012-06-05 11:24 . 2012-06-05 11:24 0 ----a-w- c:\windows\ativpsrm.bin
2012-06-05 11:17 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2012-06-05 11:17 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-06-05 11:17 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2012-06-05 11:07 . 2012-06-05 11:07 -------- d-----w- c:\windows\system32\Wat
2012-06-05 10:54 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-06-05 10:54 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-06-05 10:54 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-06-05 10:54 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-06-05 10:54 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-06-05 10:51 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-06-05 10:48 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-06-05 06:10 . 2012-06-04 20:25 -------- d-----w- c:\windows\Panther
2012-06-04 21:59 . 2012-06-05 11:29 -------- d-----w- c:\program files (x86)\Runes of Magic
2012-06-04 20:49 . 2012-06-05 11:25 -------- d-----w- c:\program files (x86)\Steam
2012-06-04 20:43 . 2012-06-04 20:43 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-06-04 20:39 . 2012-06-04 20:39 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-06-04 20:39 . 2012-06-04 20:39 -------- d-----r- c:\program files (x86)\Skype
2012-06-04 20:39 . 2012-06-04 20:39 -------- d-----w- c:\programdata\Skype
2012-06-04 20:37 . 2012-06-04 20:39 -------- d-----w- c:\program files (x86)\Google
2012-06-04 20:37 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-06-04 20:37 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-06-04 20:37 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-04 20:37 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-04 20:37 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-06-04 20:37 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-06-04 20:37 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-06-04 20:37 . 2012-06-05 11:52 -------- d-sh--w- c:\windows\Installer
2012-06-04 20:35 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-06-04 20:35 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-06-04 20:35 . 2012-06-04 20:35 -------- d-----w- c:\programdata\AVAST Software
2012-06-04 20:35 . 2012-06-04 20:35 -------- d-----w- c:\program files\AVAST Software
2012-06-04 20:35 . 2012-06-04 20:35 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-06-04 20:26 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-04 20:26 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-04 20:26 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-04 20:26 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-06-04 20:26 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-04 20:26 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-06-04 20:25 . 2012-06-04 20:56 -------- d-----w- c:\users\Hans
2012-06-04 20:25 . 2012-06-04 20:25 -------- d-----w- C:\Recovery
2012-05-30 09:48 . 2012-05-30 09:48 13720 ----a-w- c:\windows\system32\drivers\avfsfilter.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-05 11:09 . 2012-06-05 11:09 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-06-05 11:09 . 2012-06-05 11:09 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-06-05 11:09 . 2012-06-05 11:09 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-06-05 11:09 . 2012-06-05 11:09 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-06-05 11:09 . 2012-06-05 11:09 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-06-05 11:09 . 2012-06-05 11:09 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-03-31 04:39 . 2012-06-05 10:52 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 04:39 . 2012-06-05 10:52 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"CommonToolkitTray"="c:\program files (x86)\Fighters\Tray\FightersTray.exe" [2012-01-18 1452680]
"SWPROguard"="c:\program files (x86)\Fighters\SPYWAREfighter\swprotray.exe" [2012-05-30 1200752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 gupdate;Google-oppdatering-tjenesten (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-04 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]
R3 gupdatem;Google-oppdatering-tjenesten (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-04 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe [2012-01-23 1324680]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 skfiltv;skfiltv;c:\windows\system32\drivers\skfiltv.sys [x]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-04 20:37]
.
2012-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-04 20:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 193.213.112.4 130.67.15.198 10.0.0.138
FF - ProfilePath - c:\users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\fbnyzj2v.default\
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Engine Scanning Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Watch Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Engine Scanning Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AV Watch Service]
"ImagePath"="C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe"
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe
c:\program files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2012-06-05 14:53:00 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2012-06-05 12:52
.
Pre-Run: 1 961 766 023 168 bytes free
Post-Run: 1 961 251 164 160 bytes free
.
- - End Of File - - B7BDEC58ACEDD7794215A685790978D5
haan1997
All times are GMT -7.