Internet redirected to 64.111.196.114

[Kevin Thor]

I ran Combfix and recieved this message:

ComboFix 10-02-22.07 - kthorlakson 02/23/2010 12:48:09.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2003.1104 [GMT -6:00]

Running from: c:\documents and settings\kthorlakson\Desktop\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\Install.bat

.

((((((((((((((((((((((((( Files Created from 2010-01-23 to 2010-02-23 )))))))))))))))))))))))))))))))

.

2010-02-21 15:26 . 2010-02-21 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2010-02-21 15:26 . 2010-02-22 15:41 -------- d-----w- c:\documents and settings\kthorlakson\Application Data\SUPERAntiSpyware.com

2010-02-21 15:26 . 2010-02-22 15:29 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-02-19 14:13 . 2010-02-19 13:43 15880 ----a-w- c:\windows\system32\lsdelete.exe

2010-02-19 13:42 . 2010-02-19 13:42 1229232 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe

2010-02-19 13:38 . 2010-02-19 13:38 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}

2010-02-19 13:38 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe

2010-02-19 13:38 . 2010-02-19 13:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2010-02-19 13:38 . 2010-02-19 13:38 -------- d-----w- c:\program files\Lavasoft

2010-02-15 23:59 . 2010-02-15 23:59 -------- d-----w- c:\documents and settings\kthorlakson\Application Data\Malwarebytes

2010-02-15 23:59 . 2010-01-07 22:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-02-15 23:59 . 2010-02-15 23:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-02-15 23:59 . 2010-02-15 23:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-02-15 23:59 . 2010-01-07 22:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-02-15 18:46 . 2010-02-15 18:46 -------- d-sh--w- c:\documents and settings\All Users\Application Data\SAJJCDV

2010-02-15 18:46 . 2010-02-15 18:46 -------- d-sh--w- c:\documents and settings\All Users\Application Data\73cfff8

2010-02-13 16:51 . 2010-02-13 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2010-02-12 23:10 . 2010-02-12 23:10 -------- d-----w- c:\documents and settings\kthorlakson\Application Data\Office Genuine Advantage

2010-02-06 14:56 . 2010-02-06 14:56 13696 ----a-w- c:\windows\system32\drivers\wpsnuio.sys

2010-02-06 14:56 . 2010-02-06 14:56 -------- d-----w- c:\program files\Skyhook Wireless

2010-02-06 14:56 . 2010-02-06 14:56 -------- d-----w- c:\documents and settings\kthorlakson\Local Settings\Application Data\Skyhook Wireless

2010-02-06 14:55 . 2010-02-06 14:55 -------- d-----w- c:\program files\Boingo

2010-02-06 14:55 . 2010-02-06 14:55 -------- d-----w- c:\documents and settings\All Users\Application Data\GoBoingo

2010-01-27 18:22 . 2010-01-27 19:24 -------- d-----w- C:\SCANNER

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-23 13:38 . 2009-07-27 17:50 -------- d-----w- c:\documents and settings\kthorlakson\Application Data\HPAppData

2010-02-23 13:05 . 2009-06-08 19:47 0 ----a-w- c:\documents and settings\kthorlakson\Local Settings\Application Data\WavXMapDrive.bat

2010-02-22 11:40 . 2009-07-28 15:09 51200 ----a-w- c:\documents and settings\All Users\Application Data\Network Associates\Common Framework\Current\VSCANDAT1000\DAT\0000\validate.exe

2010-02-22 03:30 . 2009-05-22 17:31 -------- d-----w- c:\program files\Common Files\Adobe

2010-02-21 07:08 . 2009-07-27 17:18 -------- d-----w- c:\program files\HP

2010-02-19 19:42 . 2009-09-09 01:59 -------- d-----w- c:\program files\Auction Client

2010-02-19 13:40 . 2009-05-22 17:29 -------- d-----w- c:\program files\Google

2010-02-18 02:28 . 2009-10-21 16:21 -------- d-----w- c:\documents and settings\kthorlakson\Application Data\CameraWindowDC

2010-02-18 02:28 . 2009-10-21 18:12 -------- d-----w- c:\documents and settings\kthorlakson\Application Data\ZoomBrowser EX

2010-02-17 18:50 . 2009-05-22 21:55 1508784 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2010-02-13 23:48 . 2009-05-09 06:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-02-12 01:25 . 2009-08-14 21:53 -------- d-----w- c:\documents and settings\kthorlakson\Application Data\HpUpdate

2010-02-05 13:24 . 2009-06-15 15:37 256 ----a-w- c:\windows\system32\pool.bin

2010-02-04 15:53 . 2010-02-19 13:43 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys

2010-02-03 14:02 . 2009-12-08 18:23 -------- d-----w- c:\documents and settings\kthorlakson\Application Data\vlc

2010-01-27 18:24 . 2009-05-09 05:53 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-01-27 18:24 . 2009-05-26 20:04 -------- d-----w- c:\program files\Kyocera

2010-01-21 01:46 . 2009-05-09 06:14 -------- d-----w- c:\program files\Microsoft Silverlight

2010-01-18 19:41 . 2009-06-24 16:11 256 -c--a-w- c:\documents and settings\kthorlakson\pool.bin

2010-01-05 14:14 . 2009-05-09 06:13 -------- d-----w- c:\program files\Microsoft

2009-12-31 16:50 . 2008-04-25 16:16 353792 ------w- c:\windows\system32\drivers\srv.sys

2009-12-21 19:14 . 2008-04-25 16:16 916480 ----a-w- c:\windows\system32\wininet.dll

2009-12-16 18:43 . 2008-04-25 21:26 343040 ------w- c:\windows\system32\mspaint.exe

2009-12-14 07:08 . 2008-04-25 16:16 33280 ------w- c:\windows\system32\csrsrv.dll

2009-12-08 19:26 . 2008-04-25 16:16 2145280 ------w- c:\windows\system32\ntoskrnl.exe

2009-12-08 18:43 . 2008-04-14 00:01 2023936 ------w- c:\windows\system32\ntkrnlpa.exe

2009-12-04 18:22 . 2008-04-25 16:16 455424 ------w- c:\windows\system32\drivers\mrxsmb.sys

2009-11-27 17:11 . 2008-04-25 16:16 1291776 ------w- c:\windows\system32\quartz.dll

2009-11-27 17:11 . 2008-04-14 05:42 17920 ------w- c:\windows\system32\msyuv.dll

2009-11-27 16:07 . 2008-04-25 16:16 28672 ------w- c:\windows\system32\msvidc32.dll

2009-11-27 16:07 . 2001-08-17 22:36 8704 ------w- c:\windows\system32\tsbyuv.dll

2009-11-27 16:07 . 2008-04-25 16:16 11264 ------w- c:\windows\system32\msrle32.dll

2009-11-27 16:07 . 2008-04-25 16:16 84992 ------w- c:\windows\system32\avifil32.dll

2009-11-27 16:07 . 2008-04-14 05:41 48128 ------w- c:\windows\system32\iyuv_32.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]

@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"

[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]

2009-01-14 15:24 40960 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]

@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"

[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]

2009-01-14 15:24 40960 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-22 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-02-22 200704]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-17 483420]

"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-03-17 729088]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 134656]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 166912]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 134656]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-15 178712]

"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2008-12-19 184320]

"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-12-22 145408]

"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2009-01-16 656696]

"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2009-01-16 95544]

"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-01-19 667648]

"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2009-01-16 15360]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1037736]

"OBSystemTray"="c:\program files\SecureBackups OBM\bin\SystemTray.exe" [2009-05-27 372736]

"McAfeeUpdaterUI"="c:\epoagent\UpdaterUI.exe" [2003-09-25 135251]

"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2003-09-29 81990]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

"Boingo Wi-Fi"="c:\program files\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-02-23 2179]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-8-18 813584]

Printkey2000.lnk - c:\program files\PrintKey2000\Printkey2000.exe [2009-7-8 869376]

Scanner File Utility.lnk - c:\program files\Kyocera\FileUtility\NsCatCom.exe [2010-1-27 397312]

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2009-07-20 17:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Authentication Packages REG_MULTI_SZ msv1_0 wvauth

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Manager.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Desktop Manager.lnk

backup=c:\windows\pss\Desktop Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]

2009-10-31 02:43 623960 ----a-w- c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobiLink Lite]

2008-12-17 18:08 446553 ----a-w- c:\program files\Novatel Wireless\Mobilink\Lite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 17:42 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\{624E7452-BA43-4f55-B9D5-FC75EEA0808B}\\setup\\hpznui01.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2/19/2010 7:43 AM 64288]

R2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [6/27/2008 12:47 PM 1664248]

R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [7/1/2008 5:57 PM 110592]

R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [12/29/2008 10:07 AM 320800]

R2 CANNT;CANNT;c:\windows\system32\drivers\CANNT.SYS [3/20/2009 2:14 PM 23584]

R2 CATLNKNT;CATLNKNT;c:\windows\system32\drivers\CATLNKNT.SYS [3/20/2009 2:14 PM 23712]

R2 DLADRVNT;DLADRVNT;c:\windows\system32\drivers\DLADRVNT.SYS [3/20/2009 2:14 PM 32832]

R2 DLASIPNT;DLASIPNT;c:\windows\system32\drivers\DLASIPNT.SYS [3/20/2009 2:14 PM 82752]

R2 J1708NT;J1708NT;c:\windows\system32\drivers\J1708NT.SYS [3/20/2009 2:14 PM 23296]

R2 J1939NT;J1939NT;c:\windows\system32\drivers\J1939NT.SYS [3/20/2009 2:14 PM 24320]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/4/2010 9:52 AM 1229232]

R2 PARCAII;PARCAII;c:\windows\system32\drivers\PARCAII.SYS [3/20/2009 2:14 PM 14602]

R2 PCSMHNT;PCSMHNT;c:\windows\system32\drivers\PCSMHNT.SYS [3/20/2009 2:14 PM 40000]

R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [5/9/2009 2:35 AM 112512]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [5/9/2009 2:35 AM 109568]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/29/2009 11:05 AM 133104]

S2 OBAutoUpdate;AutoUpdateAgent (SecureBackups Online Backup Manager);c:\program files\SecureBackups OBM\aua\bin\Aua.exe [6/22/2009 9:41 AM 73728]

S2 OBScheduler;Online Backup Scheduler (SecureBackups Online Backup Manager);c:\program files\SecureBackups OBM\bin\Scheduler.exe [6/22/2009 9:41 AM 77824]

S3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys --> c:\windows\system32\Drivers\NvtSp50.sys [?]

S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [5/9/2008 11:08 AM 174336]

S4 OBCDPService;Continuous Data Protection (SecureBackups Online Backup Manager);c:\program files\SecureBackups OBM\bin\CDPService.exe [6/22/2009 9:41 AM 262144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

2010-02-23 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 13:43]

2010-02-12 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2010-02-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-29 17:05]

2010-02-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-29 17:05]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.cnn.com/

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

DPF: {00140000-B1BA-11CE-ABC6-F5B2E79D9E3F} - hxxp://secureweb.volvo.com/Prosis/imageviewer/wmfview.cab

.

- - - - ORPHANS REMOVED - - - -

URLSearchHooks-EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-02-23 12:53

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(944)

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

c:\program files\common files\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'lsass.exe'(1000)

c:\windows\system32\wvauth.dll

.

Completion time: 2010-02-23 12:54:38

ComboFix-quarantined-files.txt 2010-02-23 18:54

Pre-Run: 122,768,576,512 bytes free

Post-Run: 123,503,255,552 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 2691A3C3361A09054D1269AC1E5A88F9

Just wondering if everthing looks normal with this file?

Kev

[marktreg]

Hello, and welcome to Malwarebytes.org

We don't work on Malware removal in the general forums.

Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someon has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org