Unable to run programs due to loss of files.


  • This topic is locked

#16
LoneWolf217

    Member

  • Topic Starter
  • 27 posts
Hey Azarl!

Sadly yes, I am still experiencing problems. :D
My computer still restarts upon running GMER, and Final Fantasy 14 and NetNanny/ContentWatch end up having an error upon running. So should we continue searching my computer for infected files / a virus? If not, which topic should I post on for more help with the programs not working, software, OS Systems? Thanks again Azarl!!

#17
azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
» Step 1 «
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

» Step 2 «
Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

#18
LoneWolf217

    Member

  • Topic Starter
  • 27 posts
Hey Azarl!

So to my understanding, the two scans didn't find anything wrong. Does this leave us open ended again? :D Here are the logs you've requested.

2010/10/23 09:46:00.0031 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/10/23 09:46:00.0031 ================================================================================
2010/10/23 09:46:00.0031 SystemInfo:
2010/10/23 09:46:00.0031
2010/10/23 09:46:00.0031 OS Version: 5.1.2600 ServicePack: 3.0
2010/10/23 09:46:00.0031 Product type: Workstation
2010/10/23 09:46:00.0031 ComputerName: KREVIN-NINO
2010/10/23 09:46:00.0031 UserName: Owner
2010/10/23 09:46:00.0031 Windows directory: C:\WINDOWS
2010/10/23 09:46:00.0031 System windows directory: C:\WINDOWS
2010/10/23 09:46:00.0031 Processor architecture: Intel x86
2010/10/23 09:46:00.0031 Number of processors: 4
2010/10/23 09:46:00.0031 Page size: 0x1000
2010/10/23 09:46:00.0031 Boot type: Normal boot
2010/10/23 09:46:00.0031 ================================================================================
2010/10/23 09:46:00.0484 Initialize success
2010/10/23 09:46:37.0984 ================================================================================
2010/10/23 09:46:37.0984 Scan started
2010/10/23 09:46:37.0984 Mode: Manual;
2010/10/23 09:46:37.0984 ================================================================================
2010/10/23 09:46:44.0359 ================================================================================
2010/10/23 09:46:44.0359 Scan finished
2010/10/23 09:46:44.0359 ================================================================================
2010/10/23 09:48:13.0078 Deinitialize success




MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 129):

Processes (total 62):

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00006600 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`007e0000 (NTFS)

PhysicalDrive1 Model Number: ST3500320AS, Rev: SD1A
PhysicalDrive0 Model Number: ST3160815A, Rev: 3.AAC

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive1 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive0 Legit MBR code detected
SHA1: 85562D13BAA03F4C14EFB9AADC58F7B3382DCF47


Done!

#19
azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
ComboFix
Download ComboFix from one of these locations:

Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your Antivirus and Antispyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#20
LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hey Azarl!
:D ;) that's really odd, I didn't expect ComboFix to fail. Around the 50th scanning stage of ComboFix, my computer just restarted, similar to what happens when I run GMER. No log was saved/produced to my knowledge. My computer must be pretty screwed up? ;)
  • 0

#21
azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts

Hey Azarl!
:D ;) that's really odd, I didn't expect ComboFix to fail. Around the 50th scanning stage of ComboFix, my computer just restarted, similar to what happens when I run GMER. No log was saved/produced to my knowledge. My computer must be pretty screwed up? ;)

Have a look in c:\, it should have left a log
  • 0

#22
LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hey Azarl!

Nope, only text files I see are "LU4" and "cmdline" which I believe have no relevance to ComboFix, least have nothing about it in them. Should I try running ComboFix again?
  • 0

#23
azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
Please. I think it's a system problem rather than Malware though
  • 0

#24
LoneWolf217

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hey Azarl!

Yeah, still no log produced. What topic do you think I should post on? OS Windows XP, Software? Or do you think I'm going to have to end up reformatting?
  • 0

#25
azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
We'll clean up first. Then put a post in OS Windows X. Explain that you've been sent there from the malware forums.

Your logs are now clean - you are clear or seem to be. Please advise me if you still have any problems.

We'll move on to the cleanup now. There's quite a bit to do here, just take your time.

Follow these steps to uninstall ComboFix and tools used in the removal of malware
  • Click START then RUN
  • Now type ComboFix /Uninstall in the run box and click OK. Note the space between the ComboFix and the /U, it needs to be there.
    Posted Image

OTL Cleanup
Run OTL and click the cleanup button. It will remove all the programmes we have used plus itself.

Preventing re-infection
Now that your system is clear, there are a number of steps you can take to prevent re-infection

It is critical that you have both a firewall and anti virus to protect your system and to keep them updated.

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Winpatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. Help file and tutorial can be found Here
SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
MVPS Hosts File - Blocks known bad sites by adding them to your Hosts file thereby preventing you from accessing them
TFC (Temp File Cleaner)- Cleans an enormous amount of junk held in temporary files and disposes of any malware lurking there.
Anti Spyware Program - We recommend MalwareBytes Anti-Malware and SUPERAntiSpyware

Browsers
Consider using FIREFOX or OPERA, both are free to use and are more secure than IE. If you are using Firefox you can stay more secure by adding NoScript and WOT (Web Of Trust). NoScript stops Java scripts from starting on a web page unless you give permission for them, and WOT has a comprehensive list of ratings for different websites allowing you to easily see if a website that you are about to go to has a bad reputation; in fact it will warn you to check if you are sure that you want to continue to a bad website.


Make your Internet Explorer more secure - This can be done by following these simple instructions:
  • Run Internet Explorer
  • Click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.

Updates
From time to time, software vendors introduce updates for their products. Sometimes these are to enhance the product, but often they are to repair an exploitable vulnerability. You may like to consider installing Secunia PSI. This is a free application (for home users) that sits in the system tray and alerts you when security updates are available, and where from. Secunia PSI can be downloaded from HERE
  • 0
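
A read-only check of the Internet-zone settings listed in the post above, added here as an example and not part of the original thread. The numeric value names are Microsoft's URL action identifiers for those six settings, which the post does not give; the function and variable names are made up for the example.

```powershell
# Added example: read-only audit of the current user's Internet zone (zone 3)
# against the six settings from the post. Nothing is modified.
# Group Policy, if configured, overrides these per-user values.
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Data values used by these URL actions: 0 = Enable, 1 = Prompt, 3 = Disable
$label = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Value name (URL action id), wanted state, and the dialog text from the post
$rules = @(
    @{ Id = '1001'; Want = 1; Setting = 'Download signed ActiveX controls' },
    @{ Id = '1004'; Want = 3; Setting = 'Download unsigned ActiveX controls' },
    @{ Id = '1201'; Want = 3; Setting = 'Initialize and script ActiveX controls not marked as safe' },
    @{ Id = '1800'; Want = 1; Setting = 'Installation of desktop items' },
    @{ Id = '1804'; Want = 1; Setting = 'Launching programs and files in an IFRAME' },
    @{ Id = '1607'; Want = 1; Setting = 'Navigate sub-frames across different domains' }
)

function Get-ZoneAudit {   # hypothetical helper name
    param([string]$Path, [object[]]$Rules)
    $props = Get-ItemProperty -Path $Path -ErrorAction Stop
    foreach ($r in $Rules) {
        $cur = $props.($r.Id)              # $null when the value is absent
        if ($null -eq $cur) {
            $curText = '(not set)'
        } elseif ($label.ContainsKey([int]$cur)) {
            $curText = $label[[int]$cur]
        } else {
            $curText = '0x{0:X}' -f $cur   # some other state, shown raw
        }
        New-Object PSObject -Property @{
            Id      = $r.Id
            Setting = $r.Setting
            Current = $curText
            Wanted  = $label[$r.Want]
            OK      = ($cur -eq $r.Want)
        } | Select-Object Id, Setting, Current, Wanted, OK
    }
}

$result = Get-ZoneAudit -Path $zonePath -Rules $rules
$result | Format-Table -AutoSize

# Summarise anything that differs from the settings in the post
$bad = @($result | Where-Object { -not $_.OK })
if ($bad.Count -gt 0) {
    Write-Warning ("{0} of {1} settings differ from the list above." -f $bad.Count, $rules.Count)
}
```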

#26
azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





