How do you send a private message to a moderating team member?

[Ignats]

I previously had a post open but was closed because it took me too long to respond..the post on there says to send a private message to a moderating team member to reopen the topic. How do I do that?

[Ignats]

I previously had a post open but was closed because it took me too long to respond..the post on there says to send a private message to a moderating team member to reopen the topic. How do I do that?

This was my previous topic..http://forums.malwarebytes.org/index.php?showtopic=33441&pid=173079&st=0entry173079

I have my combofix.txt log too.

ComboFix 10-02-23.03 - Meg 02/23/2010 18:55:36.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.502.204 [GMT -5:00]

Running from: c:\documents and settings\Meg\Desktop\ComboFix.exe

AV: avast! antivirus 4.8.1368 [VPS 100223-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\recycler\S-1-5-21-1351962889-1415972662-4200297307-1003

c:\recycler\S-1-5-21-1708537768-308236825-839522115-1003

c:\windows\Downloaded Program Files\popcaploader.dll

c:\windows\Downloaded Program Files\popcaploader.inf

c:\windows\system32\kanolalo.dll

c:\windows\system32\nizefipu.dll

c:\windows\system32\nudeleze.dll

c:\windows\system32\runivito.dll

c:\windows\system32\vabejodu.dll

c:\windows\system32\yizofuyu.dll

.

((((((((((((((((((((((((( Files Created from 2010-01-24 to 2010-02-24 )))))))))))))))))))))))))))))))

.

2010-02-23 17:10 . 2010-02-23 17:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Carbonite

2010-02-23 17:10 . 2010-02-23 17:10 -------- d-----w- c:\program files\Carbonite

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-01-19 01:55 . 2005-05-01 15:54 -------- d-----w- c:\program files\Common Files\AOL

2009-12-09 01:12 . 2009-12-09 01:11 43732816 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_single\4337.155.1.1\setup.exe

2009-12-09 01:11 . 2009-12-09 01:11 42960 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_single\4337.155.1.1\noneCodesignFilesBundle.exe

2009-12-03 21:14 . 2009-12-11 17:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-03 21:13 . 2009-12-11 17:49 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2004-08-04 08:00 . 2004-08-04 08:00 94784 --sh--w- c:\windows\twain.dll

2004-08-04 08:00 . 2004-08-04 08:00 50688 --sh--w- c:\windows\twain_32.dll

2004-08-04 08:00 . 2004-08-04 08:00 1028096 --sh--w- c:\windows\system32\mfc42.dll

2004-08-04 08:00 . 2004-08-04 08:00 54784 -csh--w- c:\windows\system32\msvcirt.dll

2004-08-04 08:00 . 2004-08-04 08:00 413696 --sh--w- c:\windows\system32\msvcp60.dll

2004-08-04 08:00 . 2004-08-04 08:00 343040 --sh--w- c:\windows\system32\msvcrt.dll

2007-12-04 18:38 . 2004-08-04 08:00 550912 --sh--w- c:\windows\system32\oleaut32.dll

2004-08-04 08:00 . 2004-08-04 08:00 83456 --sh--w- c:\windows\system32\olepro32.dll

2004-08-04 08:00 . 2004-08-04 08:00 11776 --sh--w- c:\windows\system32\regsvr32.exe

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]

@="{95A27763-F62A-4114-9072-E81D87DE3B68}"

[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]

2009-12-03 21:52 574096 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]

@="{E300CD91-100F-4E67-9AF3-1384A6124015}"

[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]

2009-12-03 21:52 574096 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]

@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"

[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]

2009-12-03 21:52 574096 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-08 39408]

"AOL Fast Start"="c:\program files\AOL 9.5\AOL.EXE" [2009-10-28 50536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-11-02 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-11-02 126976]

"AGRSMMSG"="AGRSMMSG.exe" [2004-08-24 88363]

"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-07-27 1388544]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-11-23 163840]

"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]

"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-11-01 290816]

"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-09-08 213054]

"hpWirelessAssistant"="c:\program files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe" [2004-12-08 790528]

"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216]

"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 57344]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-12 149280]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]

"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-05-07 591696]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]

"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-12-08 122880]

"HostManager"="c:\program files\Common Files\AOL\1260560241\ee\AOLSoftware.exe" [2009-07-20 41264]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

"Carbonite Backup"="c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe" [2009-12-03 670864]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk

backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2009-05-30 16:30 292136 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2004-10-13 16:24 1694208 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]

2008-05-29 21:18 323216 ----a-w- c:\program files\Napster\napster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-05-26 21:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2005-05-01 15:56 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=

"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\AOL 9.5\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=

"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=

"c:\\Program Files\\Common Files\\AOL\\1260560241\\ee\\aolsoftware.exe"=

"c:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [8/17/2009 3:21 PM 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/17/2009 3:21 PM 20560]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/ig

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab

.

- - - - ORPHANS REMOVED - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)

HKLM-Run-razinugiw - c:\windows\system32\vonowiya.dll

SharedTaskScheduler-{801fe508-1d94-4f3c-9ef7-d1ab6b0e3415} - c:\windows\system32\vonowiya.dll

SSODL-mehezuwik-{801fe508-1d94-4f3c-9ef7-d1ab6b0e3415} - c:\windows\system32\vonowiya.dll

MSConfigStartUp-HostManager - c:\program files\Common Files\AOL\1153411233\ee\AOLSoftware.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-02-23 19:15

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????3?4?4?5??????? ???B???????????????B? ??????

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1324)

c:\windows\system32\WININET.dll

c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Alwil Software\Avast4\aswUpdSv.exe

c:\program files\Alwil Software\Avast4\ashServ.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Carbonite\Carbonite Backup\carboniteservice.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Analog Devices\SoundMAX\SMAgent.exe

c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe

c:\program files\Alwil Software\Avast4\ashMaiSv.exe

c:\program files\Alwil Software\Avast4\ashWebSv.exe

c:\windows\system32\wscntfy.exe

c:\windows\AGRSMMSG.exe

c:\program files\Apoint2K\Apntex.exe

c:\progra~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe

c:\program files\HPQ\SHARED\HPQWMI.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

c:\program files\Common Files\AOL\ACS\AOLacsd.exe

c:\program files\AOL 9.5\waol.exe

c:\program files\AOL 9.5\shellmon.exe

c:\windows\SoftwareDistribution\Download\f1fc92ed2a5ec4aa6a3294a4cfcb6c6f\update\update.exe

.

**************************************************************************

.

Completion time: 2010-02-23 19:35:02 - machine was rebooted

ComboFix-quarantined-files.txt 2010-02-24 00:34

Pre-Run: 62,091,264,000 bytes free

Post-Run: 63,370,047,488 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 809A4D054682A50B803A59F75BFC9D79

[MysteryFCM]

http://forums.malwarebytes.org/index.php?a...=4&MID=1886

[Ignats]

http://forums.malwarebytes.org/index.php?a...=4&MID=1886

thanks