(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(If an entry is included in the fixlist, the process will be closed.

Internet Explorer Version 11 (Default browser: IE)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Loaded Profiles: frak (Available Profiles: frak)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015

After I ran this my system appeared clean until MS rebooted the machine and the processes came back.

aswMBR version 1.

It is still installed, however, and I see its process.
I also ran combofix which I now see I should not run before asking for help, here. I did a registry backup from regedit at this time. In getting to the bottom of this I have used Process Hacker, and Procmon - to do a bootup log which when I first tried it stopped my computer from booting (due to the sys file not being correct, and it being referenced in bootup from the registry to actually do its logging). I have since removed all Java installs so there is currently nothing. I suspect I got infected via an old Java that I did not realise was still there. They talk with a huge amount of IPs online which I take to be mail servers. As soon as a network connection is available, I see a stack of cmd.exe (the standard location) with an empty command line and associated process fire off. I have a malware infection that I am 90% sure is email spamming. This is more difficult for me as this occurred when I am moving jobs and cities so my only net access is via the mobile phone which is pretty expensive. Thanks in advance, and I will be donating to this fantastic service. I have read through the stickies so hope I get this correct.