Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

ComboFix log

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

ComboFix log

Unread postby hm03 » December 10th, 2009, 11:03 am

My laptop seems to have alot of spyware/virus. Avira always detects alot of virus/unwanted program and malwarebytes is always blocking malicious IPs. My removable hard disks, thumbdrives, memory cards all start off with an autorun virus warning and 3 icons (Photo, Mydocuments, Winzip) always appear in the memory cards no matter how many times i delete them.




ComboFix 09-12-09.04 - CornFlake 12/10/2009 22:25:12.1.2 - x86
Running from: c:\documents and settings\CornFlake\Desktop\ComboFix.exe
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\csrss.log
c:\windows\help\svchost.exe
c:\windows\system32\calc32.exe
c:\windows\system32\twain_32.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_OREANS32
-------\Service_oreans32


((((((((((((((((((((((((( Files Created from 2009-11-10 to 2009-12-10 )))))))))))))))))))))))))))))))
.

2009-12-10 13:56 . 2009-12-10 13:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2009-12-10 13:54 . 2009-12-10 13:54 -------- d-----w- c:\program files\Panda USB Vaccine
2009-12-10 03:58 . 2009-12-10 00:42 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-12-10 00:44 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-12-10 00:33 . 2009-12-10 00:34 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-12-10 00:31 . 2009-12-10 00:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-12-10 00:31 . 2009-12-10 00:31 -------- d-----w- c:\program files\Lavasoft
2009-12-09 14:32 . 2009-12-09 14:32 -------- d-----w- c:\documents and settings\CornFlake\Application Data\Malwarebytes
2009-12-09 14:31 . 2009-12-09 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-09 10:50 . 2009-12-09 10:40 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-12-09 10:50 . 2009-12-09 10:40 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-12-09 10:50 . 2009-12-09 10:40 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-12-09 10:49 . 2009-12-09 10:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2009-12-09 10:49 . 2009-12-09 10:50 -------- d-----w- c:\program files\Trend Micro
2009-12-09 10:40 . 2009-12-09 10:40 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-12-09 10:40 . 2009-12-09 10:40 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-12-09 10:40 . 2009-12-09 10:40 225808 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-12-09 10:40 . 2009-12-09 10:40 1223832 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-12-04 11:40 . 2007-09-29 12:00 2648576 --sh--w- c:\program files\RRecycled.scr
2009-12-04 11:39 . 2007-09-29 12:00 2648576 ---h--r- C:\Recycled.scr
2009-12-04 11:39 . 2009-12-10 14:34 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-10 14:36 . 2009-08-18 10:19 -------- d-----w- c:\program files\BitComet
2009-12-10 11:11 . 2008-09-21 16:32 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Symantec
2009-12-10 11:11 . 2009-08-23 09:27 -------- d-----w- c:\documents and settings\CornFlake\Application Data\HpUpdate
2009-12-10 11:11 . 2008-12-23 15:16 -------- d-----w- c:\documents and settings\CornFlake\Application Data\YouSendIt
2009-12-10 04:49 . 2008-10-26 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-10 00:43 . 2009-12-10 00:42 862040 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-12-10 00:41 . 2009-12-10 00:41 1638640 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-12-10 00:41 . 2009-12-10 00:41 788880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-12-10 00:41 . 2009-12-10 00:41 1184912 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-12-09 10:48 . 2008-12-14 06:35 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-12-06 13:27 . 2008-12-26 12:11 -------- d-----w- c:\documents and settings\CornFlake\Application Data\Skype
2009-12-06 12:50 . 2008-12-26 12:15 -------- d-----w- c:\documents and settings\CornFlake\Application Data\skypePM
2009-12-06 11:57 . 2008-10-20 05:38 -------- d-----w- c:\documents and settings\CornFlake\Application Data\ZoomBrowser EX
2009-12-06 11:57 . 2008-10-20 05:39 -------- d-----w- c:\documents and settings\CornFlake\Application Data\CameraWindowDC
2009-12-03 13:51 . 2008-09-26 18:03 1 ----a-w- c:\documents and settings\CornFlake\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-12-03 13:51 . 2008-09-26 18:02 -------- d-----w- c:\documents and settings\CornFlake\Application Data\OpenOffice.org2
2009-11-03 11:54 . 2008-09-23 13:43 -------- d-----w- c:\documents and settings\CornFlake\Application Data\Creative
2009-11-03 11:21 . 2009-11-03 11:21 -------- d-----w- c:\documents and settings\CornFlake\Application Data\ScanSoft
2009-10-29 07:45 . 2004-08-04 21:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:38 . 2004-08-04 21:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2004-08-04 21:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-04 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2004-08-04 21:00 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-13 08:02 . 2008-09-21 16:33 82976 ----a-w- c:\documents and settings\CornFlake\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-13 04:16 . 2006-05-15 05:16 -------- d-----w- c:\program files\Microsoft Works
2009-10-12 13:38 . 2004-08-04 21:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2004-08-04 21:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-03 08:15 . 2009-12-10 00:33 2924848 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2009-09-29 09:33 . 2008-12-07 05:05 253952 ----a-w- c:\program files\mozilla firefox\components\CheckTudouVa.dll
2007-05-14 15:19 . 2008-09-22 07:27 0 --sha-w- c:\windows\SMINST\HPCD.SYS
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-16 10:22 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{43BEAFD9-E005-483D-A367-146BA6C8A32E}]
2009-09-29 09:33 87448 ----a-w- c:\program files\Tudou\·ÉËÙTudou\tudouDetector.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-16 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-16 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-01-07 2262352]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-19 39408]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2009-07-31 2674488]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" [X]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe -r" [X]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-15 454656]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-04 761948]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-04-11 102400]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-02-16 131072]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-26 7561216]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-24 149280]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-12-09 1020248]

c:\documents and settings\CornFlake\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-2-15 581693]
HP Photosmart Premier Fast Start.lnk - c:\program files\Hp\Digital Imaging\bin\hpqthb08.exe [2005-9-25 73728]
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Tudou\\·ÉËÙTudou\\TudouVa.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10822:TCP"= 10822:TCP:BitComet 10822 TCP
"10822:UDP"= 10822:UDP:BitComet 10822 UDP

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12/10/2009 8:44 AM 64288]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [3/7/2009 8:53 PM 464264]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [3/20/2009 3:11 PM 54752]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9/24/2009 7:17 PM 1184912]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [12/9/2009 6:40 PM 36368]
R2 U3SDR200;U3SDR200;c:\windows\system32\drivers\U3SDR200.SYS [2/4/2009 3:39 PM 4224]
R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [12/9/2009 6:50 PM 50704]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [12/9/2009 6:50 PM 689416]
S1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [12/4/2009 7:39 PM 33824]
S2 Windows Recycled Services;Windows Recycled Services;c:\program files\Common Files\Microsoft Shared\MSInfo\Recycled.scr [12/4/2009 7:39 PM 2648576]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 10:48 PM 704864]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 XDva208;XDva208;\??\c:\windows\system32\XDva208.sys --> c:\windows\system32\XDva208.sys [?]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://sg.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
uInternet Settings,ProxyOverride = local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\CornFlake\Application Data\Mozilla\Firefox\Profiles\8rueen1n.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-10 22:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Windows Recycled Services]
"ImagePath"="c:\program files\Common Files\Microsoft Shared\MSINFO\Recycled.scr"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3244103689-29222448-1897911390-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:7d,cb,5d,ef,6d,32,35,80,d5,ab,6c,62,0e,c1,09,02,56,fa,e4,90,50,bc,c8,
14,3f,f0,af,d5,e1,c9,36,2f,5b,9b,a1,32,c6,69,00,13,6a,61,d9,05,0d,6d,f0,b0,\
"??"=hex:76,6d,7e,d8,d8,a5,03,04,62,11,d9,76,75,e8,6b,bd
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2772)
c:\windows\system32\WININET.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Trend Micro\Internet Security\SfCtlCom.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\Panda USB Vaccine\USBVaccine.exe
c:\program files\Tudou\·ÉËÙTudou\TudouVa.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\HPQ\Shared\HPQTOA~1.EXE
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\program files\Trend Micro\BM\TMBMSRV.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Completion time: 2009-12-10 22:45:19 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-10 14:41

Pre-Run: 5,436,919,808 bytes free
Post-Run: 6,330,191,872 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - C4BDFE968B3D8F131B2470C85F7B5D76
hm03
Active Member
 
Posts: 2
Joined: December 10th, 2009, 10:53 am
Top
Advertisement
Register to Remove

Re: ComboFix log

Unread postby NonSuch » December 10th, 2009, 7:09 pm

ComboFix is not a tool that is intended to be used without the direct supervision of a qualified expert. To use ComboFix on your own is to court disaster for your computer. Please stop all attempts at self-fixes for your system's issues as that may only confuse the issue further and cause additional problems as well.

In order for us to help you it is necessary that you provide us with a HijackThis log. Please follow the guideline at the link below to start a new topic and post your HijackThis log. Also include your ComboFix log in the same post.

This topic is now closed. Please start a new topic by following the HijackThis Guideline posted here: >Guideline for posting your HijackThis log<
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Top
Topic locked

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 213 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index