Can't remove trojan help

By Kiwi4
Jun 2, 2009
Topic Status:
Not open for further replies.
  1. AVG detected that I have a trojan virus infecting thees files when I open up Mozilla Firefox:

    c:\Windows\system32\drivers\gxvxfaxpycrdriifwxncvirgvwwubodjomwp.sys
    C:\Windows\system32\gxvxcnatoqwjxnnacptuuusenlldxvcrawixh.dll
    C:\Windows\system32\gxvxcgjavcjjrbaieysrojipcsruayfnvcml.dll

    I can only get on my laptop in safe mode. It will not boot normally!

    I installed from another computer the recommended programs of: Malwarebytes. SuperAntiSpyware, Hijackthis but none of which will run on my computer. When I attempt to use them my computer shuts down. Same thing happens when I use SpyBot Search and Destroy or any other anti-virus software. Any ideas on how to get rid of the trojan?
  2. touch

    touch Newcomer, in training Posts: 978

    Hello Kiwi4

    Please download combofix here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Before Saving it to Desktop, please rename it to something like 123.com to stop malware from disabling it.

    Now, please make sure no other programs are running, close all other windows.

    Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
    Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
    It may take a while to complete scanning and this is normal.

    You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
    scanning has completed.

    Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
  3. Kiwi4

    Kiwi4 Newcomer, in training Topic Starter

    Thank you for the reply. I ran the combo fix as suggested. Here's my log file:

    ComboFix 09-06-05.07 - Nicole 06/06/2009 10:54.1 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1013.325 [GMT -4:00]
    Running from: c:\users\Nicole\Downloads\1234.com
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: McAfee VirusScan *On-access scanning enabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
    SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\Nicole\AppData\Roaming\inst.exe
    c:\windows\system32\drivers\gxvxcfaxpycrdriifwxncvirgvwwubodjomwp.sys
    c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
    c:\windows\system32\gxvxcgjavcjjrbaieysrojipcsruoayfnvjcm.dll
    c:\windows\system32\gxvxcnatoqwjxnnacptuuusenlldxvcrawixh.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_gxvxcserv.sys


    ((((((((((((((((((((((((( Files Created from 2009-05-06 to 2009-06-06 )))))))))))))))))))))))))))))))
    .

    2009-06-06 14:59 . 2009-06-06 15:18 -------- d-----w- c:\users\Nicole\AppData\Local\temp
    2009-06-05 22:38 . 2009-06-05 22:38 -------- d-sh--w- C:\found.000
    2009-06-02 12:01 . 2009-06-02 12:01 -------- d-----w- c:\program files\Trend Micro
    2009-06-02 12:00 . 2009-05-26 17:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-06-02 12:00 . 2009-06-02 12:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-06-02 12:00 . 2009-06-02 12:00 -------- d-----w- c:\progra~2\Malwarebytes
    2009-06-02 12:00 . 2009-05-26 17:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-06-02 11:54 . 2009-06-02 11:54 -------- d-----w- c:\program files\CCleaner
    2009-06-02 11:02 . 2009-06-02 11:04 -------- d-s---w- C:\123

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-06-06 15:00 . 2008-08-04 07:49 -------- d-----w- c:\users\Nicole\AppData\Roaming\Spyware Terminator
    2009-06-06 15:00 . 2008-08-04 18:17 -------- d-----w- c:\progra~2\Spyware Terminator
    2009-06-06 14:47 . 2008-03-23 17:54 -------- d-----w- c:\users\Nicole\AppData\Roaming\Skype
    2009-06-06 12:07 . 2008-03-23 17:56 -------- d-----w- c:\users\Nicole\AppData\Roaming\skypePM
    2009-06-02 11:11 . 2007-08-02 05:45 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2009-06-01 17:02 . 2008-06-16 16:33 -------- d-----w- c:\progra~2\avg8
    2009-05-21 17:48 . 2007-07-29 05:31 -------- d-----w- c:\users\Nicole\AppData\Roaming\uTorrent
    2009-05-18 13:54 . 2007-11-07 09:04 -------- d-----w- c:\users\Nicole\AppData\Roaming\.purple
    2009-05-17 23:46 . 2008-06-13 23:46 -------- d-----w- c:\progra~2\Symantec
    2009-05-17 23:40 . 2008-04-07 07:48 -------- d-----w- c:\program files\Norton Security Scan
    2009-05-17 23:39 . 2008-06-15 23:01 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2009-05-15 20:00 . 2007-06-07 02:52 -------- d-----w- c:\users\Nicole\AppData\Roaming\SiteAdvisor
    2009-05-15 14:28 . 2009-02-12 01:30 11952 ----a-w- c:\windows\system32\avgrsstx.dll
    2009-05-15 14:28 . 2008-06-16 16:34 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2009-05-15 14:28 . 2008-06-16 16:34 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2009-05-14 08:06 . 2007-03-28 12:14 -------- d-----w- c:\progra~2\Microsoft Help
    2009-05-14 08:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2009-03-21 05:22 . 2009-03-21 05:22 125 ----a-w- C:\DelUS.bat
    2009-03-17 03:16 . 2009-04-17 01:04 14848 ----a-w- c:\windows\system32\apilogen.dll
    2009-03-17 03:16 . 2009-04-17 01:04 25600 ----a-w- c:\windows\system32\amxread.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-10 417792]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
    "LaunchList"="c:\program files\Pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 145496]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-31 131072]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-31 151552]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-31 126976]
    "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-02-13 405504]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-02-02 835584]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-26 1840128]
    "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-20 411768]
    "HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-08 55416]
    "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-01-19 448632]
    "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-01-17 534648]
    "SiteAdvisor"="c:\program files\SiteAdvisor\6261\SiteAdv.exe" [2006-10-18 35928]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-10-26 185632]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-09-26 267064]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-15 1947928]
    "SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-08-04 1783808]
    "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-02-07 4374528]
    "NDSTray.exe"="NDSTray.exe" [BU]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\windows\System32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux3"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"
  4. Kiwi4

    Kiwi4 Newcomer, in training Topic Starter

    my log post exceeds limits
  5. Kiwi4

    Kiwi4 Newcomer, in training Topic Starter

    attempting to post log file still....
  6. Kiwi4

    Kiwi4 Newcomer, in training Topic Starter

    still isn't letting me
  7. Kiwi4

    Kiwi4 Newcomer, in training Topic Starter

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{28130F52-3192-4018-8632-71B8A84086BB}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
    "{F23D7922-BC62-499A-9DB6-3C87C8BF517E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{ABBC0027-5D31-4A5A-9F7C-7693744AAF11}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{8FF0287A-10D9-4A8B-BFFB-5C17484BF75D}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
    "{CBE8D9C2-70EC-4D76-9224-650FE27170CA}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
    "{BC175D89-50EA-4ECD-B777-F8B2BB4F63E4}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{2C7FCD33-B00A-4EA2-A7D3-46FA9AFAC85A}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{0375E23F-084E-4A6C-8E26-89CA8D8158A7}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{0A780A99-0D9E-492C-8DAB-F7C6A265EEAB}"= UDP:c:\program files\Pinnacle\Studio 11\programs\RM.exe:Render Manager
    "{287AB078-3896-4616-90E6-84FD1CBB8160}"= TCP:c:\program files\Pinnacle\Studio 11\programs\RM.exe:Render Manager
    "{B9A9F7D1-2E8F-47DA-AA19-AFC95A00AADC}"= UDP:c:\program files\Pinnacle\Studio 11\programs\Studio.exe:Studio
    "{DC33EA1F-92AD-422A-82D6-DBB78F0F240B}"= TCP:c:\program files\Pinnacle\Studio 11\programs\Studio.exe:Studio
    "{F398248E-8B20-4F3B-B9A8-8A0788A110B7}"= UDP:c:\program files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:pMSRegisterFile
    "{A563E240-9C52-41B7-BC6C-71AD06E380E8}"= TCP:c:\program files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:pMSRegisterFile
    "{AED2EA8D-3CCD-483D-B8D0-A76C246FF719}"= UDP:c:\program files\Pinnacle\Studio 11\programs\umi.exe:umi
    "{1182779B-8CDF-4766-B918-1CEB0DEBD155}"= TCP:c:\program files\Pinnacle\Studio 11\programs\umi.exe:umi
    "{706CBF08-083A-4F2B-90C4-F83668D20164}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{C34FF2CE-F450-46DA-91D1-71DF66D22DE9}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{501942C3-F957-47F8-BB8C-E39B153A5B27}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "{8F7622AA-1AD3-467A-A022-82A2F78A97B4}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{60D08683-3264-47CE-9664-9F93CB0DFF48}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype
    "{96332A51-89F1-4AC2-85C8-36A1E39CBD56}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype
    "{4656517F-02B4-4970-8F7D-0AA3D7CAFD21}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
    "TCP Query User{E8EEDF1B-E05F-44E6-9F04-6E1CCF2CA0E0}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
    "UDP Query User{A1A39CCF-50FE-4863-8B2E-5C443021A3C2}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
    "TCP Query User{E7D5F52C-B30E-487B-9540-13773F433B81}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{3ECB5C01-C680-49EC-A481-EAD98687A05E}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
    "TCP Query User{9B205CE7-E22C-47E8-9D8D-F1979D91B235}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
    "UDP Query User{A4550CFA-9D9E-4FD1-8202-F995FF4564F4}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
    "TCP Query User{A002665D-BFFC-4889-AA70-7D8B33AD6C6F}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype
    "UDP Query User{38CDFE07-0549-442C-A388-11294BBE7337}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype
    "TCP Query User{76DD1E39-10A5-4641-A1F3-F6FB39E24BC2}c:\\program files\\itunes\\itunes.exe"= UDP:c:\program files\itunes\itunes.exe:iTunes
    "UDP Query User{E8B66173-0FCB-46DA-B035-67C29FEC9FEC}c:\\program files\\itunes\\itunes.exe"= TCP:c:\program files\itunes\itunes.exe:iTunes
    "TCP Query User{D1B77E38-78AF-4478-A225-D22A81054B15}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
    "UDP Query User{E0BA7546-600A-4DFD-84F7-84F0DF0483AC}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
    "{AA5CD046-AFFF-42CD-93BA-7C5F35A30EF3}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
    "{92FE3D2E-59F8-476A-ADE2-9BB49D9136D0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"= c:\toshiba\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine
    "c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\toshiba\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger

    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [6/16/2008 12:34 PM 325896]
    R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\System32\drivers\sp_rsdrv2.sys [8/4/2008 2:17 PM 141312]
    R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/11/2009 9:30 PM 298776]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [11/2/2007 1:55 PM 24652]
    R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [2/28/2007 4:00 PM 7168]
    S3 GoogleDesktopManager-091507-085419;Google Desktop Manager 5.1.709.15267;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2/28/2007 4:10 PM 1840128]
    .
    - - - - ORPHANS REMOVED - - - -

    SafeBoot-procexp90.Sys


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.toshibadirect.com/dpdstart
    uInternet Settings,ProxyServer = 94.23.10.204:8118
    uInternet Settings,ProxyOverride = <local>
    IE: Crawler Search - tbr:iemenu
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
    Trusted Zone: ameritrade.com
    Trusted Zone: ameritrade.com\investment1s
    Trusted Zone: ameritrade.com\wwws
    Trusted Zone: tdameritrade.com
    Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
    FF - ProfilePath - c:\users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\l1ulxqku.default\
    FF - component: c:\progra~1\Crawler\Toolbar\firefox\components\xcomm.dll
    FF - component: c:\progra~1\Crawler\Toolbar\firefox\components\xshared.dll
    FF - component: c:\progra~1\Crawler\Toolbar\firefox\components\xsupport.dll
    FF - component: c:\progra~1\Crawler\Toolbar\firefox\components\xwsg.dll
    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
    FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
    FF - component: c:\program files\SiteAdvisor\6261\FF\components\FFHook.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
    FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF - plugin: c:\users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\l1ulxqku.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
    .
  8. kritius

    kritius TechSpot Guru Posts: 2,087

    attach it.
  9. Kiwi4

    Kiwi4 Newcomer, in training Topic Starter

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-06-06 11:18
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'Explorer.exe'(4396)
    c:\program files\SiteAdvisor\6261\saHook.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\windows\System32\audiodg.exe
    c:\program files\Lavasoft\Ad-Aware\aawservice.exe
    c:\program files\IObit\Advanced SystemCare 3\AWC.exe
    c:\windows\System32\agrsmsvc.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Toshiba\ConfigFree\CFSvcs.exe
    c:\toshiba\IVP\ISM\pinger.exe
    c:\program files\Spyware Terminator\sp_rsser.exe
    c:\progra~1\AVG\AVG8\avgrsx.exe
    c:\toshiba\IVP\swupdate\swupdtmr.exe
    c:\windows\System32\TODDSrv.exe
    c:\program files\Toshiba\Power Saver\TosCoSrv.exe
    c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    c:\program files\Toshiba\ConfigFree\NDSTray.exe
    c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    c:\program files\Synaptics\SynTP\SynToshiba.exe
    c:\program files\AVG\AVG8\avgtray.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Toshiba\ConfigFree\CFSwMgr.exe
    c:\program files\iPod\bin\iPodService.exe
    .
    **************************************************************************
    .
    Completion time: 2009-06-06 11:26 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-06-06 15:26

    Pre-Run: 76,926,394,368 bytes free
    Post-Run: 76,722,380,800 bytes free

    235 --- E O F --- 2009-05-29 00:44
  10. Kiwi4

    Kiwi4 Newcomer, in training Topic Starter

    Thanks, didn't realize I could attach the file to my post
  11. touch

    touch Newcomer, in training Posts: 978

     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.