Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

admirablesearchsystems removal

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

admirablesearchsystems removal

Unread postby massmatters » November 7th, 2011, 8:49 pm

Thanks in advance for the help. I have a Dell laptop with XP Service Pack 3. Below is my log file. While running Combo fix I got a popup telling me to run filecheck or something because a file was corrupted and unreadable. That popup disappeared by the time the program was finished. Got a slightly different popup for a different file in the notification area after the program had finished. What do I do now?


ComboFix 11-11-07.03 - student610 11/07/2011 19:09:00.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.312 [GMT -5:00]
Running from: c:\documents and settings\student610\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\DealScout
c:\program files\DealScout\dealscout.dll
c:\program files\SynchronEyes Student 4.0\SynchronEyesSrv.exe
c:\windows\$NtUninstallKB52678$
c:\windows\$NtUninstallKB52678$\1046132013
c:\windows\$NtUninstallKB52678$\1202353555\@
c:\windows\$NtUninstallKB52678$\1202353555\click.tlb
c:\windows\$NtUninstallKB52678$\1202353555\L\iahonoel
c:\windows\$NtUninstallKB52678$\1202353555\loader.tlb
c:\windows\$NtUninstallKB52678$\1202353555\U\@00000001
c:\windows\$NtUninstallKB52678$\1202353555\U\@000000c0
c:\windows\$NtUninstallKB52678$\1202353555\U\@000000cb
c:\windows\$NtUninstallKB52678$\1202353555\U\@000000cf
c:\windows\$NtUninstallKB52678$\1202353555\U\@80000000
c:\windows\$NtUninstallKB52678$\1202353555\U\@800000c0
c:\windows\$NtUninstallKB52678$\1202353555\U\@800000cb
c:\windows\$NtUninstallKB52678$\1202353555\U\@800000cf
c:\windows\system32\
c:\windows\system32\c_80684.nls
.
Infected copy of c:\windows\system32\drivers\ipsec.sys was found and disinfected
Restored copy from - The cat found it :)
Infected copy of c:\windows\system32\Ati2evxx.exe was found and disinfected
Restored copy from - c:\i386\ati2evxx.exe
.
c:\windows\system32\basfipm.exe . . . is infected!!
c:\windows\system32\basfipm.exe . . . was deleted!! You should re-install the program it pertains to
.
Infected copy of c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe was found and disinfected
Restored copy from - c:\windows\Microsoft.NET\Framework\v2.0.50727\
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe . . . is infected!!
c:\program files\Intel\Wireless\Bin\EvtEng.exe . . . was deleted!! You should re-install the program it pertains to
.
Infected copy of c:\program files\Intel\Wireless\Bin\RegSrvc.exe was found and disinfected
Restored copy from - c:\program files\Intel\Wireless\Bin\
.
c:\program files\Intel\Wireless\Bin\S24EvMon.exe . . . is infected!!
c:\program files\Intel\Wireless\Bin\S24EvMon.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\program files\Intel\Wireless\Bin\WLKeeper.exe . . . is infected!!
c:\program files\Intel\Wireless\Bin\WLKeeper.exe . . . was deleted!! You should re-install the program it pertains to
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_47aa7593
-------\Legacy_SynchronEyes_4.0_Helper_Service
-------\Service_SynchronEyes 4.0 Helper Service
.
.
((((((((((((((((((((((((( Files Created from 2011-10-08 to 2011-11-08 )))))))))))))))))))))))))))))))
.
.
2011-11-07 23:55 . 2008-04-13 19:19 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2011-11-07 23:55 . 2008-04-13 19:19 75264 ----a-w- c:\windows\system32\dllcache\ipsec.sys
2011-11-07 23:03 . 2011-11-07 23:09 128000 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-07 22:20 . 2011-11-07 23:37 -------- dc----w- c:\windows\system32\DRVSTORE
2011-11-07 22:20 . 2011-11-07 23:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2011-10-30 15:29 . 2011-11-07 22:40 -------- d-----w- c:\documents and settings\student610\Local Settings\Application Data\AskToolbar
2011-10-30 15:28 . 2011-10-30 15:30 -------- d-----w- c:\program files\Ask.com
2011-10-30 15:28 . 2011-11-07 22:08 -------- d-----w- c:\documents and settings\student610\Application Data\Sammsoft
2011-10-16 20:53 . 2011-10-16 20:58 -------- d-----w- C:\326b7d48b71f1e60e70526
2011-10-16 20:40 . 2011-10-16 20:45 -------- d-----w- C:\0177660a697cdc20e5ee
2011-10-16 20:27 . 2011-10-16 20:31 -------- d-----w- C:\9df338423ed9c7cc6e72eff94fc8
2011-10-16 16:48 . 2011-10-16 16:48 -------- d-----w- c:\windows\system32\XPSViewer
2011-10-16 16:48 . 2011-10-16 16:48 -------- d-----w- c:\program files\MSBuild
2011-10-16 16:48 . 2011-10-16 16:48 -------- d-----w- c:\program files\Reference Assemblies
2011-10-16 16:47 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-10-16 16:47 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-10-16 16:47 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-10-16 16:47 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-10-16 16:47 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-10-16 16:47 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2011-10-16 16:47 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-10-16 16:47 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-10-16 16:47 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-10-16 16:47 . 2011-10-16 16:47 -------- d-----w- C:\b49b6db7aca5be087c51a75d4e
2011-10-16 16:38 . 2011-10-16 16:51 -------- d-----w- C:\dccd2909ffc7fc0bbb1053501a
2011-10-15 17:37 . 2011-10-15 17:37 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Sun
2011-10-10 23:19 . 2011-10-10 23:19 -------- d-----w- c:\documents and settings\student610\Local Settings\Application Data\Sun
2011-10-10 19:16 . 2011-10-10 20:30 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 18:48 . 2011-10-10 18:48 -------- d-----w- c:\program files\FileHippo.com
2011-10-10 16:40 . 2011-10-10 20:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-10-10 16:40 . 2011-10-10 20:40 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-07 23:09 . 2010-10-17 19:58 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-26 15:41 . 2011-09-26 15:41 611328 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-11 22:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 15:41 . 2004-08-11 22:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12 . 2004-08-11 22:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-11 22:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:48 . 2004-08-11 22:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-11 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-11 22:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-11 22:00 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-11 22:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2010-03-11 04:01 . 2010-03-11 04:01 124272 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2010-03-11 04:40 . 2010-03-11 04:40 13168 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2010-03-11 04:02 . 2010-03-11 04:02 70512 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2010-03-11 04:01 . 2010-03-11 04:01 91504 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2010-03-11 04:01 . 2010-03-11 04:01 22384 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2010-03-11 04:00 . 2010-03-11 04:00 255344 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2010-03-11 04:01 . 2010-03-11 04:01 31088 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2010-03-11 04:01 . 2010-03-11 04:01 40304 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2009-10-05 17:49 . 2009-10-05 17:49 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2010-03-11 04:02 . 2010-03-11 04:02 23920 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-26 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-07-26 22:23 1493160 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-26 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-26 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-07-26 397992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-09-07 21:08 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^student610^Start Menu^Programs^Startup^Launch WhiteSmokeTranslator.lnk]
path=c:\documents and settings\student610\Start Menu\Programs\Startup\Launch WhiteSmokeTranslator.lnk
backup=c:\windows\pss\Launch WhiteSmokeTranslator.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^student610^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\student610\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2004-09-13 21:33 155648 ----a-w- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter]
2010-03-11 04:21 300400 ----a-w- c:\program files\Citrix\ICA Client\concentr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2004-12-06 06:05 127035 ----a-w- c:\windows\system32\dla\tfswctrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-04-26 13:04 53248 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-06-27 22:40 136176 ----atw- c:\documents and settings\student610\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
2004-10-30 19:59 385024 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-05-04 17:59 252136 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SynchronEyes Student 4.0\\dax64.exe"=
"c:\\Program Files\\SynchronEyes Student 4.0\\SynchronEyesClient.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\student610\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Documents and Settings\\student610\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jucheck.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\Program Files\\FileHippo.com\\UpdateChecker.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"=
"c:\\Program Files\\Ask.com\\Updater\\Updater.exe"=
.
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [10/5/2009 9:08 AM 65584]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [5/9/2005 8:47 PM 80384]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2128556077-1414674724-1788574560-1005Core.job
- c:\documents and settings\student610\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-27 22:40]
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2128556077-1414674724-1788574560-1005UA.job
- c:\documents and settings\student610\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-27 22:40]
.
2011-11-07 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-07-26 22:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{10B03BAD-C3E6-4600-A59D-E17E7B659BA3}: NameServer = 128.164.132.73,128.164.132.74
TCP: Interfaces\{B6A14078-7297-4562-A8ED-BC437A4F64B0}: NameServer = 128.164.132.73,128.164.132.74
FF - ProfilePath - c:\documents and settings\student610\Application Data\Mozilla\Firefox\Profiles\8zczs505.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - http://www.yahoo.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}
FF - Ext: Firefox (default): {972ce4c6-7e08-4474-a285-3208198ce6fd} - %profile%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-BrMfcWnd - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
MSConfigStartUp-ControlCenter3 - c:\program files\Brother\ControlCenter3\brctrcen.exe
MSConfigStartUp-Dell QuickSet - c:\program files\Dell\QuickSet\quickset.exe
MSConfigStartUp-OrderReminder - c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe
MSConfigStartUp-SynchronEyes 4 - c:\program files\SynchronEyes Student 4.0\SynchronEyesSrv.exe
AddRemove-HijackThis - e:\host testing\HijackThis.exe
AddRemove-LSP Explorer plug-in for Ad-Aware SE - c:\progra~1\Lavasoft\AD-AWA~1\Plugins\LSPEXP~1\UNWISE.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-07 19:22
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1004)
c:\windows\system32\Ati2evxx.dll
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
- - - - - - - > 'explorer.exe'(2672)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\Wireless\Bin\ZcfgSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-11-07 19:25:36 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-08 00:25
.
Pre-Run: 70,847,721,472 bytes free
Post-Run: 71,018,323,968 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 1D4FD4463F356E703DCC992274821BBE
massmatters
Active Member
 
Posts: 1
Joined: November 7th, 2011, 8:30 pm
Advertisement
Register to Remove

Re: admirablesearchsystems removal

Unread postby deltalima » November 8th, 2011, 3:32 am

Please familiarize yourself with the forum rules: Forum Posting Rules - Please Read

ComboFix is not a tool that is intended to be used without the direct supervision of a qualified expert. To use ComboFix on your own is to court disaster for your computer. Please stop all attempts at self-fixes for your system's issues as that may only confuse the issue further and cause additional problems as well.

In order for us to help you it is necessary that you provide us with DDS logs (DDS.txt and Attach.txt). Please follow the guideline at the link below to start a new topic and post your logs. Also include your ComboFix log in the same post.

This topic is now closed.
Please start a new topic by following the
Guideline for posting your DDS logs.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 32 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware