
Hijacker help



IObit Security 360

 

OS:Windows XP

Version:1.5.0.13

Define Version:1829

Time Elapsed:01:10:04

Objects Scanned:81367

Threats Found:3

 

|Name|Type|Description|ID|
|---|---|---|---|
|Tracking Cookies - Removed|Cookies|Cookie:cj@ar.atwola.com/html|7-1653|
|Misleading.AnVi - Removed|Registry Key|HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}|4-19247|
|Adware.Searchbar - Quarantined|File|C:\System Volume Information\_restore{68EE2449-065A-4CBD-9A1A-6248826BB19F}\RP266\A0277060.DLL|9-69316|


half dds

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by CJ at 19:41:52.25 on Thu 09/30/2010

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_21

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.408 [GMT -6:00]

 

AV: Windows Live OneCare *On-access scanning enabled* (Outdated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}

FW: Windows Live OneCare Firewall *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}

 

============== Running Processes ===============

 

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\ehome\mcrdsvc.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\CJ\My Documents\TFC.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Carbonite\CarbonitePreinstaller.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\IObit\IObit Security 360\IS360tray.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\USB TV\EM28XX\BDARemote.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Program Files\IObit\IObit Security 360\is360.exe

C:\Program Files\Microsoft Windows OneCare Live\winss.exe

C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Documents and Settings\CJ\Local Settings\Temporary Internet Files\Content.IE5\5FBIYW4S\dds[1].scr

C:\WINDOWS\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uInternet Connection Wizard,ShellNext = hxxp://forums.iobit.com/forumdisplay.php?f=39

mSearchAssistant = hxxp://www.google.com/ie

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll

BHO: WormRadar.com IESiteBlocker.NavFilter: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - AVG Safe Search

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: The Game Creators Ltd Toolbar: {eae1e35c-bdd4-49aa-adc9-e82496f88370} - c:\program files\the_game_creators_ltd\tbThe1.dll

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll

TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll

TB: The Game Creators Ltd Toolbar: {eae1e35c-bdd4-49aa-adc9-e82496f88370} - c:\program files\the_game_creators_ltd\tbThe1.dll

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [OneCareUI] "c:\program files\microsoft windows onecare live\winssnotify.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [MyWebSearch Plugin] rundll32 c:\progra~1\mywebs~1\bar\1.bin\M3PLUGIN.DLL,UPF

mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sprint SmartView] "c:\program files\sprint\sprint smartview\SprintSV.exe" -a

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [iObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart

StartupFolder: c:\docume~1\cj\startm~1\programs\startup\deskto~1.lnk - c:\program files\research in motion\blackberry\DesktopMgr.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bdarem~1.lnk - c:\program files\usb tv\em28xx\BDARemote.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

StartupFolder: c:\documents and settings\all users\start menu\programs\startup\VTAgentReboot.exe

IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\docume~1\cj\applic~1\mozilla\firefox\profiles\k1800m9b.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2476351&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2476351&q=

FF - plugin: c:\documents and settings\cj\local settings\application data\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\google\google updater\2.4.1368.5602\npCIDetect13.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPAskSBr.dll

FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll

FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 16000

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.max.tokenizing.time - 3000000

FF - user.js: content.maxtextrun - 4095

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 1000000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 1000000

FF - user.js: dom.disable_window_status_change - true

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 1000

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0


c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R1 MpKsl1ef4b803;MpKsl1ef4b803;c:\documents and settings\all users\application data\microsoft\onecare protection\definition updates\{ba0e6adf-8da9-40bb-93e5-258ef2631ae7}\MpKsl1ef4b803.sys [2010-9-30 28752]

R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2010-9-30 312152]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 OcHealthMon;Windows Live OneCare Health Monitor;c:\program files\microsoft windows onecare live\OcHealthMon.exe [2010-2-5 26120]

R3 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2008-7-2 53168]

R3 wip0204;Wippien Network Adapter 2.4;c:\windows\system32\drivers\wip0204.sys [2008-12-7 23480]

S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe --> c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [?]

S2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe --> c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [?]

S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-6-27 24652]

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [2008-6-27 17149]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 XDva349;XDva349;\??\c:\windows\system32\xdva349.sys --> c:\windows\system32\XDva349.sys [?]

 

============== File Associations ===============

 

regfile="regedit.exe" "%1"

.txt=GetDiz.Document

 

=============== Created Last 30 ================

 

2010-10-01 00:01:47 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-10-01 00:01:43 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2010-10-01 00:01:40 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-10-01 00:01:39 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-09-30 06:42:35 0 d-----w- c:\docume~1\alluse~1\applic~1\IObit

2010-09-30 06:35:56 0 d-----w- c:\windows\system32\wbem\Repository

2010-09-30 02:46:03 0 d-----w- c:\program files\THQ(3)

2010-09-27 22:44:06 0 d-----w- c:\program files\THQ(2)

2010-09-21 20:22:26 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan

2010-09-21 20:22:22 0 d-----w- c:\program files\McAfee Security Scan

2010-09-21 20:19:52 0 d-----w- c:\program files\common files\DirectX

2010-09-21 05:46:48 0 d-----w- c:\program files\Gravity

2010-09-11 05:11:23 593920 ------w- c:\windows\system32\ati2sgag.exe

2010-09-11 04:46:44 0 d-----w- c:\program files\common files\ATI Technologies

2010-09-11 04:46:26 0 d-----w- c:\program files\USB TV

2010-09-11 04:45:55 0 d-----w- c:\program files\ATI Technologies

2010-09-11 04:45:15 0 d-----w- C:\ATI

2010-09-07 01:01:24 0 d-----w- C:\Fraps

2010-09-07 00:53:50 0 d-----w- c:\docume~1\alluse~1\applic~1\SwiftKit

2010-09-07 00:53:46 0 d-----w- c:\program files\SwiftKit

 

==================== Find3M ====================

 

2010-09-14 00:31:20 46 ----a-w- c:\documents and settings\cj\jagex_runescape_preferences.dat

2010-09-14 00:30:23 99 ----a-w- c:\documents and settings\cj\jagex_runescape_preferences2.dat

2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe

2010-07-22 15:49:15 590848 ----a-w- c:\windows\system32\rpcrt4.dll

2010-07-22 05:57:20 5120 ----a-w- c:\windows\system32\xpsp4res.dll

2010-07-17 11:00:04 423656 ----a-w- c:\windows\system32\deployJava1.dll

2010-07-04 15:03:00 2286080 ----a-w- c:\windows\system32\python27.dll

2008-07-18 13:11:20 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008071820080719\index.dat

 

============= FINISH: 19:43:28.78 ===============


DDS (Ver_10-03-17.01)

 

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 6/4/2008 11:24:30 PM

System Uptime: 9/30/2010 5:55:36 PM (2 hours ago)

 

Motherboard: Dell Inc. | | 0WG864

Processor: Intel® Pentium® D CPU 2.66GHz | Microprocessor | 2660/533mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 466 GiB total, 170.748 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is CDROM ()

G: is CDROM ()

 

==== Disabled Device Manager Items =============

 

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Intel® 82562V 10/100 Network Connection

Device ID: PCI\VEN_8086&DEV_104C&SUBSYS_01DD1028&REV_02\3&172E68DD&0&C8

Manufacturer: Intel

Name: Intel® 82562V 10/100 Network Connection

PNP Device ID: PCI\VEN_8086&DEV_104C&SUBSYS_01DD1028&REV_02\3&172E68DD&0&C8

Service: e1express

 

==== System Restore Points ===================

 

RP245: 6/23/2010 12:31:31 AM - Installed Java 6 Update 20

RP246: 6/23/2010 12:32:40 AM - Installed Java Runtime Environment

RP247: 6/23/2010 12:59:46 AM - Advanced SystemCare RestorePoint

RP248: 6/23/2010 1:14:24 AM - Unsigned driver install

RP249: 6/23/2010 1:19:43 AM - Software Distribution Service 3.0

RP250: 6/23/2010 2:14:07 AM - Software Distribution Service 3.0

RP251: 6/23/2010 2:27:52 AM - Microsoft OneCare Protection Checkpoint

RP252: 6/23/2010 3:00:28 AM - Software Distribution Service 3.0

RP253: 6/24/2010 12:24:28 AM - Software Distribution Service 3.0

RP254: 6/24/2010 10:23:08 PM - Printer Driver Microsoft XPS Document Writer Installed

RP255: 6/24/2010 10:24:44 PM - Software Distribution Service 3.0

RP256: 6/25/2010 6:47:27 PM - Software Distribution Service 3.0

RP257: 6/25/2010 6:52:46 PM - Software Distribution Service 3.0

RP258: 6/25/2010 6:55:16 PM - Installed iTunes

RP259: 6/26/2010 12:09:08 AM - Software Distribution Service 3.0

RP260: 6/27/2010 12:58:08 AM - System Checkpoint

RP261: 7/5/2010 1:40:48 AM - Unsigned driver install

RP262: 7/5/2010 1:43:38 AM - Installed Sprint SmartView.

RP263: 7/5/2010 1:47:28 AM - Unsigned driver install

RP264: 7/5/2010 1:54:25 AM - Unsigned driver install

RP265: 7/6/2010 5:42:37 AM - System Checkpoint

RP266: 7/8/2010 5:56:53 AM - Unsigned driver install

RP267: 7/10/2010 9:04:14 AM - System Checkpoint

RP268: 7/11/2010 1:39:25 AM - Installed Company of Heroes.

RP269: 7/11/2010 1:54:52 AM - Installed Company of Heroes.

RP270: 7/11/2010 2:38:03 AM - Unsigned driver install

RP271: 7/16/2010 12:40:32 AM - System Checkpoint

RP272: 7/18/2010 12:25:57 AM - System Checkpoint

RP273: 7/21/2010 11:49:52 PM - System Checkpoint

RP274: 7/24/2010 12:51:37 PM - Unsigned driver install

RP275: 7/25/2010 3:00:19 AM - Software Distribution Service 3.0

RP276: 7/30/2010 12:29:07 AM - Installed Python 2.7

RP277: 8/2/2010 11:12:40 AM - Configured Extends

RP278: 8/3/2010 8:52:33 PM - Software Distribution Service 3.0

RP279: 8/18/2010 2:57:58 AM - System Checkpoint

RP280: 8/19/2010 12:51:09 AM - Unsigned driver install

RP281: 8/19/2010 3:00:21 AM - Software Distribution Service 3.0

RP282: 8/20/2010 12:23:11 AM - Installed Java 6 Update 21

RP283: 9/10/2010 10:46:23 PM - Installed USB Video Driver

RP284: 9/10/2010 10:46:43 PM - Installed ATI AVIVO Codecs

RP285: 9/10/2010 11:11:43 PM - Installed ATI Catalyst Control Center

RP286: 9/20/2010 11:46:44 PM - Installed Requiem

RP287: 9/22/2010 5:43:25 PM - Software Distribution Service 3.0

RP288: 9/25/2010 5:26:51 PM - Unsigned driver install

RP289: 9/25/2010 5:32:18 PM - Unsigned driver install

RP290: 9/25/2010 6:00:17 PM - Installed Company of Heroes.

RP291: 9/25/2010 6:04:24 PM - Installed Company of Heroes.

RP292: 9/27/2010 4:41:40 PM - Installed DirectX

RP293: 9/29/2010 7:09:21 PM - Software Distribution Service 3.0

RP294: 9/29/2010 8:44:49 PM - Restore Operation

RP295: 9/29/2010 8:56:47 PM - Software Distribution Service 3.0

RP296: 9/29/2010 9:18:27 PM - Removed Company of Heroes.

RP297: 9/29/2010 9:24:46 PM - Installed Company of Heroes.

RP298: 9/29/2010 11:19:09 PM - Microsoft OneCare Protection Checkpoint

RP299: 9/30/2010 12:32:07 AM - Restore Operation

RP300: 9/30/2010 12:49:57 AM - Software Distribution Service 3.0

RP301: 9/30/2010 6:15:25 PM - Microsoft OneCare Protection Checkpoint

 

==== Installed Programs ======================

 

3D World Studio 5.52

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Device Central CS3

Adobe ExtendScript Toolkit 2

Adobe Flash CS3

Adobe Flash CS3 Professional

Adobe Flash Player 10 Plugin

Adobe Flash Player 9 ActiveX

Adobe Flash Player ActiveX

Adobe Flash Video Encoder

Adobe Help Viewer CS3

Adobe Linguistics CS3

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Reader 6.0.1

Adobe Setup

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe WinSoft Linguistics Plugin

Advanced SystemCare 3

AIM 6

AiO_Scan_CDA

AiOSoftwareNPI

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ASIO4ALL

AT&T WorldNet Setup

ATI - Software Uninstall Utility

ATI AVIVO Codecs

ATI Catalyst Control Center

ATI Display Driver

AVS Video Converter 6

AVS4YOU Software Navigator 1.2

Axife Mouse Recorder DEMO 5.01

BlackBerry Desktop Software 4.2

Blender (remove only)

Bonjour

Broadcom 440x 10/100 Integrated Controller

BufferChm

Carbonite Online Backup Setup

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center HydraVision Full

Catalyst Control Center Localization All

ccc-core-preinstall

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Collab

Conexant D850 56K V.9x DFVc Modem

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_OnlineProjectsConfig

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

cp_PosterPrintConfig

CueTour

CustomerResearchQFolder

DAEMON Tools Toolbar

Dark Basic Professional

Dell Resource CD

Dell Support Center (Support Software)

Destinations

DeviceFunctionQFolder

DeviceManagementQFolder

DocProc

DocumentViewer

DocumentViewerQFolder

EA Download Manager

ESPNMotion

eSupportQFolder

Extends

Fax_CDA

FL Studio 8

Fraps (remove only)

Full Tilt Poker

FullDPAppQFolder

Game Booster

GameSpy Arcade

GemMaster Mystic

GetDiz 4.1.0.6

GIMP 2.4.6

Google Earth

Google Toolbar for Internet Explorer

Google Updater

GTOneCare

Guitar Pro 5.2

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB981793)

HP Document Viewer 6.1

HP Extended Capabilities 6.1

HP Imaging Device Functions 6.1

HP Photosmart Premier Software 6.1

HP PSC & OfficeJet 6.1.A

HP Solution Center and Imaging Support Tools 6.1

HP Update

HPProductAssistant

IL Download Manager

InstantShareDevices

Intel® PRO Network Connections Drivers

IObit Security 360

IrfanView (remove only)

iTunes

J2SE Runtime Environment 5.0 Update 12

Java Auto Updater

Java 6 Update 2

Java 6 Update 21

Java 6 Update 7

JumpStart Spelling

Malwarebytes' Anti-Malware

MarketResearch

McAfee Security Scan Plus

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office Home and Student 2007 Trial

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Protection Service

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual Basic 2005 Express Edition - ENU

Microsoft Visual Basic 2005 Express Edition - ENU Service Pack 1 (KB926747)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Windows Live OneCare Resources v2.5.2900.30

Microsoft Windows OneCare Live AntiSpyware and AntiVirus

Microsoft Windows OneCare Live v2.5.2900.20 Idcrl Install

Microsoft Windows OneCare Live v2.5.2900.30

Mozilla Firefox (3.6.3)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

Namo FreeMotion 2006

NewCopy_CDA

OpenOffice.org Installer 1.0

PanoStandAlone

PDF Settings

PhotoGallery

Picasa 2

Power Data Recovery 4.1.1

PowerISO

PurePLUGIN Ver1.5 [2008.03.08]

PX Engine

Python 2.7

QuickTime

RandMap

Readme

Requiem

Scan

ScannerCopy

Security Update for 2007 Microsoft Office System (KB2277947)

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982312)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2251419)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

SigmaTel Audio

Skins

SkinsHP1

SolutionCenter

Sonic Encoders

Sonic_PrimoSDK

SPORE™

Sprint SmartView

Spybot - Search & Destroy

Status

Survival

The Rosetta Stone

The_Game_Creators_Ltd Toolbar

Toolbox

Toxic Biohazard

TrayApp

Tree Magik

Tree Magik G2

Unload

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB942763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

USB Video Driver

VeohTV BETA

Viewpoint Media Player

Virtual DJ - Atomix Productions

WebFldrs XP

WebReg


We need to create an OTL Report

 

1. Please download OTL

http://oldtimer.geekstogo.com/OTL.exe

 

2. Save it to your desktop.

3. Double click on the icon on your desktop.

4. Click the "Scan All Users" checkbox.

5. Under "Extra Registry" please check "Use Safelist" and also check "LOP Check" and "Purity Check" as pictured.

6. Copy and Paste the following into the textbox.

 

 

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

winlogon.exe

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

 

7. Push "scan"

8. Two reports will open

Use the attachment manager and attach these files:

• OTListIt.txt <-- Will be opened

• Extra.txt <-- Will be minimized


Archived

This topic is now archived and is closed to further replies.
