Help please!

December 28, 2010 at 19:25:39
Specs: Windows XP
I can't really do much of anything on my computer anymore. I'll just make a nice little list of my problems for you.
1. When I restart in normal mode as soon as I log in I get a message that says something like "Generic Host Process for Win32 has encountered a problem." Then an error report comes up about it and if I do anything with the window but drag it out of the way it freezes the computer and I have to restart again.
2. My google search results are being redirected to ad websites.
3. I've tried using Avast, Malwarebytes Anti-Malware, and Spybot. Every time I run a scan using either program multiple things are found and seemingly deleted, but there is always more right after I restart and scan again.
4. In Chrome, Firefox, and Internet Explorer 9 times out of 10 when I try to load a page it says it was "unable to connect to proxy server."
5. Two different times I've gotten fake virus scanner pop ups that I've been unable to exit out of.

Any help would be appreciated. I've spent a couple days scratching my head over this one. I already have Hijack This installed if anyone needs a log from that. Thank you!


See More: Help please!

Report •

#1
December 28, 2010 at 19:38:45
As you have tried Malwarebytes & hopefully you have all your important stuff backed up, print the instructions & use this very powerful tool.

ComboFix
http://download.bleepingcomputer.co...
http://www.techsupportforum.com/sec...
http://www.forospyware.com/sUBs/Com...
How to use ComboFix
http://www.myantispyware.com/2008/0...
http://www.bleepingcomputer.com/com...
http://www.myantispyware.com/2007/1...
http://www.jamiiforums.com/download...
http://forums.majorgeeks.com/showth...
We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:
* Close all open Windows including this one.
* Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these type of programs can be found in this topic.
http://www.bleepingcomputer.com/for...
Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.
When finished, clear away any of the files and folders that were created by ComboFix.
Start > Run, Copy and Paste > ComboFix /uninstall and click OK.
Qoobox is a folder created by Combofix to quarantine any infected files.



Report •

#2
January 5, 2011 at 08:25:01
Running combofix worked...for about a day. Now I'm having trouble opening any web browser, my computer isn't recognizing my speakers, and for some reason my computer is setting itself to the Windows Classic theme?

Here's my ComboFix log:

ComboFix 10-12-26.01 - Andrew Ledure 12/29/2010 0:56.1.2 - x86
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\Helper
c:\program files\Mozilla Firefox\plugins\npclntax.dll
c:\program files\TBONAS
c:\program files\TBONAS\bestoffers_icon_01.ico
c:\program files\TBONAS\center_wnd.htm
c:\program files\TBONAS\comp.htm
c:\program files\TBONAS\grb12.rtk
c:\program files\TBONAS\Thumbs.db
c:\windows\Google Pack Screensaver Uninstaller.exe
c:\windows\JAVA\TRUSTLIB\wcfm.ini2
c:\windows\JAVA\TRUSTLIB\wcfm.tmp
c:\windows\patch.exe
c:\windows\system\oeminfo.ini
c:\windows\system32\logs
c:\windows\system32\Oeminfo.ini
c:\windows\system32\system.dat
c:\windows\system32\UACcvoafyye.db
c:\windows\system32\uactmp.db
c:\windows\system32\vasar.ini
c:\windows\system32\vasar.ini2
c:\windows\SYSTEM32\vasar.tmp

----- BITS: Possible infected sites -----

hxxp://apnmedia.ask.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SVCPROC
-------\Legacy_UACD.SYS


((((((((((((((((((((((((( Files Created from 2010-11-28 to 2010-12-29 )))))))))))))))))))))))))))))))
.

2010-12-29 06:21 . 2010-12-29 06:22 -------- d-----w- C:\32788R22FWJFW
2010-12-29 03:52 . 2010-12-29 03:52 -------- d-----w- C:\BackSys
2010-12-29 03:44 . 2010-12-29 03:44 -------- d-----r- C:\comment.htt
2010-12-29 03:41 . 2010-12-29 03:52 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
2010-12-29 03:31 . 2010-12-29 03:31 37600 ----a-w- c:\windows\system32\Partizan.exe
2010-12-29 03:31 . 2010-12-29 03:31 35816 ----a-w- c:\windows\system32\drivers\Partizan.sys
2010-12-29 03:31 . 2010-12-29 03:31 2 --shatr- c:\windows\winstart.bat
2010-12-29 03:31 . 2010-12-27 18:00 12808 ----a-w- c:\windows\system32\drivers\UnHackMeDrv.sys
2010-12-29 03:31 . 2010-12-29 03:31 -------- d-----w- c:\program files\UnHackMe
2010-12-29 03:10 . 2010-12-29 03:10 883488 ----a-w- c:\program files\JavaSetup6u23.exe
2010-12-28 23:18 . 2010-09-07 15:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-28 23:18 . 2010-09-07 15:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-12-28 23:18 . 2010-09-07 15:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-12-28 23:18 . 2010-09-07 15:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-12-28 23:18 . 2010-09-07 15:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-12-28 23:18 . 2010-09-07 15:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-12-28 23:18 . 2010-09-07 15:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-12-28 23:17 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-12-28 23:17 . 2010-09-07 16:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-12-28 22:49 . 2010-12-28 22:49 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-12-28 19:44 . 2010-12-28 19:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-12-28 04:43 . 2010-12-21 00:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-28 04:42 . 2010-12-28 04:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-28 04:42 . 2010-12-21 00:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-27 05:17 . 2010-12-28 23:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-12-27 05:17 . 2010-12-27 05:17 -------- d-----w- c:\program files\Alwil Software
2010-12-25 16:40 . 2010-12-25 16:40 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-12-25 07:22 . 2009-05-18 19:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-12-25 07:22 . 2008-04-17 18:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-12-25 07:15 . 2010-12-25 07:15 -------- d-----w- c:\program files\iPod
2010-12-21 21:23 . 2010-12-21 21:25 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-12-21 21:23 . 2010-12-25 06:31 -------- d-----w- c:\program files\iTunes
2010-12-21 21:18 . 2010-12-21 21:18 -------- d-----w- c:\program files\Apple Software Update
2010-12-21 21:17 . 2010-09-28 21:44 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-12-21 21:17 . 2010-09-28 21:44 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-12-21 21:15 . 2010-12-21 21:15 -------- d-----w- c:\program files\Bonjour
2010-12-04 00:28 . 2010-12-04 02:19 -------- d-----w- c:\program files\ManyCam
2010-11-30 09:22 . 2010-11-30 09:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Last.fm
2010-11-30 09:22 . 2008-05-13 23:23 417792 ----a-w- c:\program files\Windows Media Player\Plugins\wmp_scrobbler.dll
2010-11-30 09:21 . 2010-11-30 09:22 -------- d-----w- c:\program files\Last.fm
2010-11-30 03:25 . 2010-11-30 03:25 -------- d-----w- c:\program files\OpenXMLSDK
2010-11-30 02:24 . 2010-11-30 02:24 -------- d-----w- c:\program files\MSBuild
2010-11-30 02:20 . 2010-11-30 02:20 -------- d-----w- c:\windows\system32\XPSViewer
2010-11-30 02:18 . 2010-11-30 02:18 -------- d-----w- c:\program files\Reference Assemblies
2010-11-30 02:17 . 2006-10-14 22:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-11-30 02:16 . 2006-06-29 19:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-11-29 23:38 . 2010-11-29 23:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 23:38 . 2010-11-29 23:38 69632 ----a-w- c:\windows\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-07 18:23 . 2010-10-07 18:23 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 18:23 . 2010-10-07 18:23 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 18:23 . 2010-10-07 18:23 107808 ----a-w- c:\windows\system32\dns-sd.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2006-05-06 16:42 . 2006-12-02 16:24 7260160 ----a-w- c:\program files\mozilla firefox\plugins\libvlc.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2007-09-06 03:58 . 2007-09-06 03:58 135680 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2005-07-14 18:31 27648 --sha-r- c:\windows\SYSTEM32\AVSredirect.dll
2005-06-26 21:32 616448 --sha-r- c:\windows\SYSTEM32\cygwin1.dll
2005-06-22 04:37 45568 --sha-r- c:\windows\SYSTEM32\cygz.dll
2004-01-25 06:00 70656 --sha-r- c:\windows\SYSTEM32\i420vfw.dll
2005-02-28 19:16 240128 --sha-r- c:\windows\SYSTEM32\x.264.exe
2004-01-25 06:00 70656 --sha-r- c:\windows\SYSTEM32\yv12vfw.dll
.

------- Sigcheck -------

Cryptography Services Error !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Andrew Ledure\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-11-22 136176]
"SpybotSD TeaTimer"="e:\spybot - search & destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IPInSightMonitor 01"="c:\program files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe" [2003-07-14 98304]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="e:\itunes\iTunesHelper.exe" [2010-12-13 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SWHelper"="c:\windows\system32\Macromed\Shockwave 10\PostUpdate.exe" [2010-12-27 53248]

c:\documents and settings\Jeffrey Ledure\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0Partizan

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"=
"c:\\WINDOWS\\SYSTEM32\\rtcshare.exe"=
"c:\\Program Files\\Last.fm\\LastFM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20388:TCP"= 20388:TCP:*:Disabled:BitComet 20388 TCP
"20388:UDP"= 20388:UDP:*:Disabled:BitComet 20388 UDP
"14754:TCP"= 14754:TCP:*:Disabled:BitComet 14754 TCP
"14754:UDP"= 14754:UDP:*:Disabled:BitComet 14754 UDP

R1 dfd;dfd;c:\windows\system32\drivers\dfd.sys [x]
R3 MUD;Driver for Magellan Jupiter USB Device;c:\windows\system32\DRIVERS\MUD.sys [2007-09-07 55808]
R3 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2010-12-29 35816]
R3 RegGuard;RegGuard;c:\windows\system32\Drivers\regguard.sys [2010-12-29 24416]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]

.
Contents of the 'Scheduled Tasks' folder

2010-12-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-20 06:01]

2010-12-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3196941173-2685248919-4021987108-1009Core.job
- c:\documents and settings\Andrew Ledure\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-11-22 07:06]

2010-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3196941173-2685248919-4021987108-1009UA.job
- c:\documents and settings\Andrew Ledure\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-11-22 07:06]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:8074
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
Trusted Zone: flickr.com\www
FF - ProfilePath - c:\documents and settings\Andrew Ledure\Application Data\Mozilla\Firefox\Profiles\ymi4lzat.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: DisableBackspaceNavigation: {40520fe7-6336-4df2-bab1-1f1f8e11bf27} - %profile%\extensions\{40520fe7-6336-4df2-bab1-1f1f8e11bf27}
FF - Ext: Calculator: {AA052FD6-366A-4771-A591-0D8DC551585D} - %profile%\extensions\{AA052FD6-366A-4771-A591-0D8DC551585D}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: FindThatBand: mablu@jperryextens.ion - %profile%\extensions\mablu@jperryextens.ion
FF - Ext: Fast Dial: fastdial@telega.phpnet.us - %profile%\extensions\fastdial@telega.phpnet.us
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Yahoo! Pager - c:\progra~1\Yahoo!\MESSEN~1\ypager.exe
HKCU-Run-MSKAGENTEXE - c:\progra~1\McAfee\SPAMKI~1\MSKAgent.exe
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKCU-Run-DEBUG SIGN - c:\docume~1\ANDREW~1\APPLIC~1\MIXSIT~1\SurfBendMp3.exe
HKCU-Run-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-2wSysTray - c:\program files\2Wire\2PortalMon.exe
HKLM-Run-VSOCheckTask - c:\progra~1\mcafee.com\vso\mcmnhdlr.exe
HKLM-Run-VirusScan Online - c:\progra~1\mcafee.com\vso\mcvsshld.exe
HKLM-Run-ViewMgr - c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
HKLM-Run-UpdateManager - c:\program files\Common Files\Sonic\Update Manager\sgtray.exe
HKLM-Run-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
HKLM-Run-MSKDetectorExe - c:\progra~1\McAfee\SPAMKI~1\MSKDetct.exe
HKLM-Run-MSKAGENTEXE - c:\progra~1\McAfee\SPAMKI~1\MSKAgent.exe
HKLM-Run-MPFExe - c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe
HKLM-Run-lxcgmon.exe - c:\program files\Lexmark 2300 Series\lxcgmon.exe
HKLM-Run-HostManager - c:\program files\Common Files\AOL\1150808923\ee\AOLHostManager.exe
HKLM-Run-FaxCenterServer - c:\program files\Lexmark Fax Solutions\fm3032.exe
HKLM-Run-EzPrint - c:\program files\Lexmark 2300 Series\ezprint.exe
HKLM-Run-dla - c:\windows\system32\dla\tfswctrl.exe
HKLM-Run-msresearch - c:\windows\msresearch.exe
Notify-rasav - c:\windows\system32\rasav.dll
Notify-vtuts - vtuts.dll
SafeBoot-Wdf01000.sys
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD400BD-75JMA0 rev.05.01C05 -> Harddisk0\DR0 -> \Device\Ide\IdePort1 P1T0L0-e

device: opened successfully
user: MBR read successfully

Disk trace:
kernel: MBR read successfully
_asm { CLI ; MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; STI ; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62f; }
detected disk devices:
\Device\Ide\IdeDeviceP1T0L0-e -> \??\IDE#DiskWDC_WD400BD-75JMA0______________________05.01C05#5&139d26ec&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A89A39B
user & kernel MBR OK

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
.
**************************************************************************
.
Completion time: 2010-12-29 01:46:39 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-29 07:46

Pre-Run: 1,058,611,200 bytes free
Post-Run: 2,711,195,648 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 824B4A49739A5D98F7C1357129DFAA89


Report •

#3
January 5, 2011 at 14:28:10
One thing at a time.

Did you repair your internet connection?

Manually restoring the Internet connection

http://www.bleepingcomputer.com/com...


Report •
Related Solutions


Ask Question