am i clean

[propewpew]

this is the combo fix log i will post the malware log as soon as it is done

ComboFix 09-10-21.02 - JOHN2 10/27/2009 13:56.1.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.502.171 [GMT -7:00]

Running from: c:\documents and settings\JOHN2\Desktop\pie.com

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Windows System Defender *On-access scanning enabled* (Updated) {260A19A3-C9B9-492D-89C6-314BB06AD8D3}

FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

FW: Windows System Defender *enabled* {9F22FF3E-0288-468C-AC32-CCE62FF27C50}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\Mozilla Firefox\searchplugins\search.xml

c:\recycler\S-1-5-21-1354101710-2608060375-1074790619-1005

c:\recycler\S-1-5-21-1354101710-2608060375-1074790619-1007

c:\recycler\S-1-5-21-2827697747-3192186324-3570482801-500

c:\recycler\S-1-5-21-299502267-1004336348-839522115-500

c:\windows\kb913800.exe

c:\windows\setup.exe

c:\windows\system32\4.tmp

c:\windows\system32\6.tmp

c:\windows\system32\8.tmp

c:\windows\system32\certstore.dat

c:\windows\system32\critical_warning.html

c:\windows\system32\drivers\610282c8.sys

c:\windows\system32\Install.txt

c:\windows\system32\net.net

Infected copy of c:\windows\system32\eventlog.dll was found and disinfected

Restored copy from - c:\windows\system32\logevent(2).dll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_6to4

-------\Legacy_ias

-------\Legacy_{79007602-0cdb-4405-9dbf-1257bb3226ed}

-------\Service_6to4

-------\Service_ias

-------\Service_610282c8

((((((((((((((((((((((((( Files Created from 2009-09-27 to 2009-10-27 )))))))))))))))))))))))))))))))

.

2009-10-27 20:36 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-10-27 20:36 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-10-27 15:00 . 2009-10-27 15:00 -------- d-----w- c:\documents and settings\JOHN2\Local Settings\Application Data\AIM

2009-10-27 15:00 . 2009-10-27 15:00 -------- d-----w- c:\documents and settings\JOHN2\Application Data\acccore

2009-10-27 14:59 . 2009-10-27 14:59 -------- d-----w- c:\documents and settings\JOHN2\Local Settings\Application Data\AOL OCP

2009-10-26 21:12 . 2009-10-26 21:12 -------- d-----w- c:\documents and settings\JOHN2\Application Data\IObit

2009-10-26 19:40 . 2009-07-28 23:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-10-26 19:04 . 2009-10-26 19:04 -------- d-----w- c:\documents and settings\JOHN2\Application Data\Malwarebytes

2009-10-26 18:56 . 2009-10-27 20:23 -------- d-----w- c:\documents and settings\JOHN2\Local Settings\Application Data\FullTiltPoker

2009-10-26 18:16 . 2009-10-26 18:16 -------- d-sh--w- c:\documents and settings\JOHN2\IECompatCache

2009-10-26 13:48 . 2009-10-26 13:48 -------- d-sh--w- c:\documents and settings\john\IECompatCache

2009-10-26 13:48 . 2009-10-26 13:48 -------- d-sh--w- c:\documents and settings\john\PrivacIE

2009-10-26 13:48 . 2009-10-26 13:48 -------- d-sh--w- c:\documents and settings\john\UserData

2009-10-26 13:48 . 2009-10-26 13:48 -------- d-----w- c:\documents and settings\john\temp

2009-10-26 13:48 . 2009-10-26 13:48 -------- d-----w- c:\program files\Poker Tracker V2

2009-10-26 06:32 . 2009-10-26 06:32 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE

2009-10-26 06:30 . 2009-10-26 06:30 -------- d-----w- c:\documents and settings\LocalService\IETldCache

2009-10-26 06:29 . 2009-10-26 13:31 1168384 ----a-w- c:\windows\svchost(2).exe

2009-10-26 04:33 . 2009-09-15 10:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-10-26 04:33 . 2009-09-15 10:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-10-26 04:33 . 2009-09-15 10:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2009-10-26 04:33 . 2009-09-15 10:53 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-10-26 04:33 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-10-26 04:33 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-10-26 04:33 . 2009-09-15 10:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys

2009-10-26 04:33 . 2009-09-15 10:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2009-10-26 04:33 . 2009-09-15 10:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe

2009-10-26 04:32 . 2009-10-26 04:32 -------- d-----w- c:\program files\Alwil Software

2009-10-26 04:19 . 2009-10-26 04:19 -------- d-sh--w- c:\documents and settings\JOHN2\PrivacIE

2009-10-26 03:57 . 2009-10-26 03:57 -------- d-----w- c:\documents and settings\JOHN2\Application Data\Sony Corporation

2009-10-26 03:36 . 2009-10-26 20:26 -------- d-----w- c:\program files\Trend Micro

2009-10-26 03:36 . 2009-10-26 03:36 -------- d-----w- c:\program files\MSXML 4.0

2009-10-26 03:36 . 2009-10-26 03:36 -------- d-----w- c:\program files\_uninstallation_info

2009-10-26 03:03 . 2009-10-26 03:03 120 ----a-w- c:\windows\Iwaxilulokuzoxu.dat

2009-10-26 03:03 . 2009-10-26 03:03 0 ----a-w- c:\windows\Bfuzikuwafonu.bin

2009-10-26 02:55 . 2009-10-26 03:35 -------- d-----w- c:\program files\AdwarePro

2009-10-26 02:37 . 2009-10-26 02:37 -------- d-----w- c:\documents and settings\JOHN2\Application Data\iolo

2009-10-26 02:34 . 2009-10-26 03:36 -------- d-----w- c:\documents and settings\JOHN2\Local Settings\Application Data\{1A8591D4-9167-449E-AC54-E5AA99DB7968}

2009-10-26 01:44 . 2009-10-26 21:20 0 ----a-r- c:\windows\win32k.sys

2009-10-25 23:01 . 2009-10-25 23:01 -------- d-----w- c:\windows\system32\wbem\Repository

2009-10-22 20:26 . 2009-10-22 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment

2009-10-22 05:54 . 2009-10-23 02:06 -------- d-----w- c:\program files\World of Warcraft

2009-10-21 23:01 . 2009-10-21 23:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-10-21 22:06 . 2009-10-02 21:19 1152470 ----a-w- c:\windows\UDB.zip

2009-10-21 22:06 . 2008-11-26 19:08 131 ----a-w- c:\windows\IDB.zip

2009-10-21 21:59 . 2009-10-22 00:27 -------- d-----w- c:\program files\Common Files\PC Tools

2009-10-21 21:41 . 2009-10-21 21:41 -------- d-----w- c:\program files\IObit

2009-10-21 17:40 . 2009-10-21 17:40 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache

2009-10-21 10:21 . 2009-10-21 10:22 64 ----a-w- c:\windows\system32\quarmzo.dat

2009-10-21 10:21 . 2009-10-21 10:22 64 ----a-w- c:\windows\system32\netefent.dat

2009-10-21 10:21 . 2009-10-21 10:22 0 ----a-w- c:\windows\system32\wzcsvt.dat

2009-10-21 10:21 . 2009-10-21 10:21 115 ----a-w- c:\windows\system32\msvbvm5z.dat

2009-10-11 01:12 . 2009-10-22 00:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment.temp

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-10-27 20:32 . 2009-05-31 00:55 -------- d-----w- c:\program files\PokerStars

2009-10-27 20:23 . 2009-06-01 02:08 -------- d-----w- c:\program files\Full Tilt Poker

2009-10-26 23:12 . 2009-07-05 17:55 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8

2009-10-26 21:16 . 2009-09-03 15:10 -------- d-----w- c:\program files\PokerTracker 3

2009-10-26 13:30 . 2009-10-26 13:30 52 ----a-w- c:\windows\system32\7.tmp

2009-10-26 06:29 . 2009-10-26 06:29 52 ----a-w- c:\windows\system32\5.tmp

2009-10-26 02:28 . 2009-10-26 02:28 88576 ----a-w- c:\windows\system32\13.tmp

2009-10-26 02:28 . 2009-10-26 02:28 52 ----a-w- c:\windows\system32\12.tmp

2009-10-26 02:20 . 2009-10-26 02:19 52 ----a-w- c:\windows\system32\3.tmp

2009-10-22 06:42 . 2009-07-16 01:42 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment

2009-10-22 00:19 . 2009-06-14 09:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-09-25 13:44 . 2009-05-31 00:25 -------- d-----w- c:\program files\Quicken

2009-09-25 04:08 . 2009-09-25 04:08 0 ----a-w- c:\windows\nsreg.dat

2009-09-17 02:25 . 2009-09-17 02:25 -------- d-----w- c:\program files\Microsoft Silverlight

2009-09-03 17:49 . 2009-09-03 17:49 -------- d-----w- c:\program files\PostgreSQL

2009-08-22 18:35 . 2009-07-05 17:55 11952 ----a-w- c:\windows\system32\avgrsstx.dll

2009-08-22 18:35 . 2009-07-05 17:55 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2009-08-22 18:35 . 2009-07-05 17:55 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Aim6"="c:\program files\AIM6\aim6.exe" [2009-05-19 49968]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-15 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-04-05 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-04-05 118784]

"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-18 118784]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]

"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 53248]

"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]

"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2006-08-10 217088]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]

"VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-12 151552]

"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 176128]

"DISCover"="c:\program files\DISC\DISCover.exe" [2006-06-02 1077248]

"HostManager"="c:\program files\Common Files\AOL\1243730182\ee\AOLSoftware.exe" [2006-04-13 50792]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-22 2025752]

"PartSeal"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]

"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-17 2879488]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-08-22 18:35 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2006-06-20 23:11 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\DISC\\DiscStreamHub.exe"=

"c:\\Program Files\\AIM6\\aim6.exe"=

"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=

"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=

"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\Launcher.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=

"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=

"c:\\Program Files\\PokerStars\\PokerStarsUpdate.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\globallyopenports\list]

"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10/25/2009 9:33 PM 114768]

R1 avgldx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [7/5/2009 10:55 AM 335240]

R1 avgtdix;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [7/5/2009 10:55 AM 108552]

R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/25/2009 9:33 PM 20560]

R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [9/1/2006 2:56 PM 226304]

S3 daqdrv;daqdrv;\??\c:\windows\system32\daqdrv.sys --> c:\windows\system32\daqdrv.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ASWRDR

*NewlyCreated* - AVAST!_MAIL_SCANNER

*NewlyCreated* - AVAST!_WEB_SCANNER

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

BtwSrv

.

Contents of the 'Scheduled Tasks' folder

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.msn.com

mStart Page = hxxp://www.msn.com

FF - ProfilePath -

FF - HiddenExtension: XULRunner: {1A8591D4-9167-449E-AC54-E5AA99DB7968} - c:\documents and settings\JOHN2\Local Settings\Application Data\{1A8591D4-9167-449E-AC54-E5AA99DB7968}\

.

- - - - ORPHANS REMOVED - - - -

BHO-{b4b6ecd1-2108-4d9a-a29a-d00a21538c71} - (no file)

Toolbar-{B4B6ECD0-2108-4D9A-A29A-D00A21538C71} - (no file)

Toolbar-Locked - (no file)

WebBrowser-{B4B6ECD0-2108-4D9A-A29A-D00A21538C71} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-10-27 14:10

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\user preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e7,3d,e3,10,c2,e2,8e,48,b3,9c,d7,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e7,3d,e3,10,c2,e2,8e,48,b3,9c,d7,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(876)

c:\windows\system32\VESWinlogon.dll

- - - - - - - > 'explorer.exe'(344)

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\msi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Intel\Wireless\Bin\EvtEng.exe

c:\program files\Intel\Wireless\Bin\S24EvMon.exe

c:\program files\Alwil Software\Avast4\aswUpdSv.exe

c:\program files\Alwil Software\Avast4\ashServ.exe

c:\pie\CF7105.exe

c:\progra~1\AVG\AVG8\avgwdsvc.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Apoint\Apntex.exe

c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

c:\program files\Intel\Wireless\Bin\RegSrvc.exe

c:\program files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe

c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

c:\program files\Sony\VAIO Event Service\VESMgr.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

c:\program files\Viewpoint\Common\ViewpointService.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

c:\windows\system32\igfxext.exe

c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\windows\system32\igfxsrvc.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

c:\windows\eHome\ehmsas.exe

c:\windows\eHome\ehRec.exe

c:\windows\system32\dllhost.exe

c:\program files\DISC\DiscStreamHub.exe

c:\progra~1\AVG\AVG8\avgnsx.exe

c:\program files\Alwil Software\Avast4\ashWebSv.exe

c:\program files\AIM6\aolsoftware.exe

c:\program files\PokerStars\PokerStars.exe

c:\progra~1\AVG\AVG8\avgrsx.exe

c:\progra~1\AVG\AVG8\avgrsx.exe

c:\pie\PEV.cfxxe

.

**************************************************************************

.

Completion time: 2009-10-27 14:32 - machine was rebooted

ComboFix-quarantined-files.txt 2009-10-27 21:32

Pre-Run: 48,227,086,336 bytes free

Post-Run: 48,352,260,096 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6

- - End Of File - - 121C3D21A212EAE76C53F670EBFEF909

[miekiemoes]

Hi,

I notice from your log that there's more than 1 Antivirus installed. Avast and AVG

Never install more than one Antivirus and Firewall! Rather than giving you extra protection, it will decrease the reliability of it seriously!

The reason for this is that if both products have their automatic (Real-Time) protection switched on, your system may lock up due to both software products attempting to access the same file at the same time.

Also because more than one Antivirus and Firewall installed are not compatible with eachother, it can cause system performance problems and a serious system slowdown.

So you have to make a decision here and keep the Antivirus you prefer and uninstall the other one.

Then reboot after uninstalling.

* Open notepad - don't use any other texteditor than notepad or the script will fail.

Copy/paste the text in the quotebox below into notepad:

File::

c:\windows\svchost(2).exe

c:\windows\Iwaxilulokuzoxu.dat

c:\windows\Bfuzikuwafonu.bin

c:\windows\win32k.sys

c:\windows\system32\7.tmp

c:\windows\system32\5.tmp

c:\windows\system32\13.tmp

c:\windows\system32\12.tmp

c:\windows\system32\3.tmp

Folder::

c:\documents and settings\JOHN2\Local Settings\Application Data\{1A8591D4-9167-449E-AC54-E5AA99DB7968}

c:\program files\AdwarePro

Driver::

daqdrv

NetSvc::

BtwSrv

Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

[miekiemoes]

Due to the lack of feedback, this Topic is closed.

If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.