ThinkPoint Removal Help

[capshockey29]

Here is log1.txt

Windows IP Configuration



Host Name . . . . . . . . . . . . : CRexJr

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : Belkin



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-12-3F-0E-9C-01



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . : Belkin

Description . . . . . . . . . . . : Dell Wireless 1450 Dual Band WLAN Mini-PCI Card

Physical Address. . . . . . . . . : 00-0B-7D-26-4B-EB

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.7

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : Friday, December 03, 2010 3:59:34 PM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 9:14:07 PM

Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.95.104, 74.125.95.105, 74.125.95.106, 74.125.95.147
74.125.95.99, 74.125.95.103



Pinging google.com [74.125.95.147] with 32 bytes of data:



Reply from 74.125.95.147: bytes=32 time=39ms TTL=52

Reply from 74.125.95.147: bytes=32 time=46ms TTL=52



Ping statistics for 74.125.95.147:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 39ms, Maximum = 46ms, Average = 42ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 12 3f 0e 9c 01 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 0b 7d 26 4b eb ...... Dell Wireless 1450 Dual Band WLAN Mini-PCI Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.7 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.2.7 192.168.2.7 20
192.168.2.0 255.255.255.0 192.168.2.7 192.168.2.7 25
192.168.2.7 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.7 192.168.2.7 25
224.0.0.0 240.0.0.0 192.168.2.7 192.168.2.7 25
255.255.255.255 255.255.255.255 192.168.2.7 2 1
255.255.255.255 255.255.255.255 192.168.2.7 192.168.2.7 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None

[capshockey29]

It did not find any threats. Here is the log, let me know if it is not the correct format.

2010/12/03 16:17:47.0812 TDSS rootkit removing tool 2.4.10.1 Dec 2 2010 12:28:01
2010/12/03 16:17:47.0812 ================================================================================
2010/12/03 16:17:47.0812 SystemInfo:
2010/12/03 16:17:47.0812
2010/12/03 16:17:47.0812 OS Version: 5.1.2600 ServicePack: 3.0
2010/12/03 16:17:47.0812 Product type: Workstation
2010/12/03 16:17:47.0812 ComputerName: CREXJR
2010/12/03 16:17:47.0812 UserName: Administrator
2010/12/03 16:17:47.0812 Windows directory: C:\WINDOWS
2010/12/03 16:17:47.0812 System windows directory: C:\WINDOWS
2010/12/03 16:17:47.0812 Processor architecture: Intel x86
2010/12/03 16:17:47.0812 Number of processors: 1
2010/12/03 16:17:47.0812 Page size: 0x1000
2010/12/03 16:17:47.0812 Boot type: Normal boot
2010/12/03 16:17:47.0812 ================================================================================
2010/12/03 16:17:48.0109 Initialize success
2010/12/03 16:18:14.0140 ================================================================================
2010/12/03 16:18:14.0140 Scan started
2010/12/03 16:18:14.0140 Mode: Manual;
2010/12/03 16:18:14.0140 ================================================================================
2010/12/03 16:18:14.0640 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/12/03 16:18:14.0703 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/12/03 16:18:14.0781 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/12/03 16:18:14.0843 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/12/03 16:18:15.0031 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/12/03 16:18:15.0140 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/12/03 16:18:15.0171 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/12/03 16:18:15.0250 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/12/03 16:18:15.0359 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/12/03 16:18:15.0453 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2010/12/03 16:18:15.0562 bcm4sbxp (78123f44be9e4768852a3a017e02d637) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
2010/12/03 16:18:15.0625 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/12/03 16:18:15.0765 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/12/03 16:18:15.0812 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/12/03 16:18:15.0859 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/12/03 16:18:15.0984 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/12/03 16:18:16.0156 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2010/12/03 16:18:16.0218 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2010/12/03 16:18:16.0421 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/12/03 16:18:16.0515 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/12/03 16:18:16.0640 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/12/03 16:18:16.0671 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/12/03 16:18:16.0734 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/12/03 16:18:16.0796 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/12/03 16:18:16.0843 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/12/03 16:18:16.0937 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2010/12/03 16:18:17.0000 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/12/03 16:18:17.0062 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2010/12/03 16:18:17.0125 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/12/03 16:18:17.0171 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/12/03 16:18:17.0203 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/12/03 16:18:17.0234 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2010/12/03 16:18:17.0281 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/12/03 16:18:17.0343 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/12/03 16:18:17.0437 HSFHWICH (a84bbbdd125d370593004f6429f8445c) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
2010/12/03 16:18:17.0515 HSF_DPV (b678fa91cf4a1c19b462d8db04cd02ab) C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS
2010/12/03 16:18:17.0640 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/12/03 16:18:17.0765 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/12/03 16:18:17.0890 ialm (d705558b6a678e894c5c67430eef67a2) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2010/12/03 16:18:17.0984 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/12/03 16:18:18.0078 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/12/03 16:18:18.0140 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/12/03 16:18:18.0187 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/12/03 16:18:18.0265 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/12/03 16:18:18.0296 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/12/03 16:18:18.0343 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/12/03 16:18:18.0375 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/12/03 16:18:18.0437 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/12/03 16:18:18.0484 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/12/03 16:18:18.0531 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/12/03 16:18:18.0578 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/12/03 16:18:18.0671 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/12/03 16:18:18.0750 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/12/03 16:18:18.0859 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2010/12/03 16:18:18.0937 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/12/03 16:18:19.0000 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/12/03 16:18:19.0062 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/12/03 16:18:19.0109 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/12/03 16:18:19.0156 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/12/03 16:18:19.0234 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/12/03 16:18:19.0281 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/12/03 16:18:19.0328 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/12/03 16:18:19.0390 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/12/03 16:18:19.0421 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/12/03 16:18:19.0484 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/12/03 16:18:19.0531 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/12/03 16:18:19.0640 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/12/03 16:18:19.0671 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/12/03 16:18:19.0703 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/12/03 16:18:19.0734 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/12/03 16:18:19.0750 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/12/03 16:18:19.0812 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/12/03 16:18:19.0843 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/12/03 16:18:19.0906 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/12/03 16:18:19.0937 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/12/03 16:18:19.0984 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/12/03 16:18:20.0062 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/12/03 16:18:20.0125 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/12/03 16:18:20.0156 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/12/03 16:18:20.0187 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/12/03 16:18:20.0234 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/12/03 16:18:20.0296 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/12/03 16:18:20.0359 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/12/03 16:18:20.0390 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/12/03 16:18:20.0437 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
2010/12/03 16:18:20.0484 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2010/12/03 16:18:20.0687 pnarp (ce27fc8bdc54b3ac63d53e2d5f6cc929) C:\WINDOWS\system32\DRIVERS\pnarp.sys
2010/12/03 16:18:20.0718 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/12/03 16:18:20.0765 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/12/03 16:18:20.0796 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/12/03 16:18:20.0843 purendis (f4fd591e86ecb6b5d000c7d6c987416b) C:\WINDOWS\system32\DRIVERS\purendis.sys
2010/12/03 16:18:20.0984 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/12/03 16:18:21.0015 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/12/03 16:18:21.0093 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/12/03 16:18:21.0109 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/12/03 16:18:21.0171 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/12/03 16:18:21.0187 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/12/03 16:18:21.0265 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/12/03 16:18:21.0343 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/12/03 16:18:21.0375 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/12/03 16:18:21.0453 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/12/03 16:18:21.0500 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/12/03 16:18:21.0531 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/12/03 16:18:21.0656 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/12/03 16:18:21.0765 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/12/03 16:18:21.0828 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/12/03 16:18:21.0906 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/12/03 16:18:21.0984 STAC97 (305cc42945a713347f978d78566113f3) C:\WINDOWS\system32\drivers\STAC97.sys
2010/12/03 16:18:22.0015 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/12/03 16:18:22.0078 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/12/03 16:18:22.0203 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/12/03 16:18:22.0281 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/12/03 16:18:22.0343 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/12/03 16:18:22.0421 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/12/03 16:18:22.0484 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/12/03 16:18:22.0578 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/12/03 16:18:22.0718 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/12/03 16:18:22.0781 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/12/03 16:18:22.0828 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/12/03 16:18:22.0875 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/12/03 16:18:22.0906 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/12/03 16:18:22.0953 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/12/03 16:18:23.0046 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/12/03 16:18:23.0078 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/12/03 16:18:23.0109 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/12/03 16:18:23.0140 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/12/03 16:18:23.0203 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/12/03 16:18:23.0250 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/12/03 16:18:23.0359 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/12/03 16:18:23.0453 winachsf (0c5b9cf1bdf998750d9c5eeb5f8c55ac) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2010/12/03 16:18:23.0640 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/12/03 16:18:23.0687 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/12/03 16:18:23.0906 ================================================================================
2010/12/03 16:18:23.0906 Scan finished
2010/12/03 16:18:23.0906 ================================================================================
2010/12/03 16:19:32.0921 Deinitialize success

[capshockey29]

MBAM found nothing, here is the scan

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5240

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/3/2010 4:28:34 PM
mbam-log-2010-12-03 (16-28-34).txt

Scan type: Quick scan
Objects scanned: 140168
Time elapsed: 4 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[Blade81]

Hi,

Open notepad and then copy and paste the bolded lines below into it. Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your desktop.
@ECHO OFF
c:\windows\mbr.exe -t >Log.txt
START Log.txt
DEL %0

Double-click on fixes.bat file to execute it. Notepad should open up. Post back its contents, please.

--------------

Looks like you have a router in use. Which brand & model?

--------------

In the windows control panel. If you are using Windows XP's Category
View, select the Network and Internet Connections category otherwise
double click on Network Connections. Then right click on your default
connection, usually local area connection for cable and dsl, and left
click on properties. Click the Networking tab. Double-click on the
Internet Protocol (TCP/IP) item and select the radio dial that says
Obtain DNS servers automatically
Press OK twice to get out of the properties screen and reboot if it asks.
That option might not be avaiable on some systems
Next Go start run type cmd and hit OK
type ipconfig /flushdns
then hit enter, type exit hit enter
(that space between g and / is needed)

----------------

Let's run OTL.

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  Code:

  :OTL
  FF - prefs.js..keyword.URL: "http://search.fast-find.net/?sid=10101066100&s="
  :Files
  C:\WINDOWS\tasks\At16.job
  :Commands
  [emptytemp]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot when it is done
• Then post result log.

---------------

Please create a fresh OTL.txt log and post back it together with above requested logs & info + description of current issues.

[capshockey29]

Set up the fix in the notepad. Saved and ran it no log would come up. Let it run for over 24 hours and a log developed but the command window would not close. When I rebooted my computer and read the log, it had no information in it.

[capshockey29]

The router is a Belkin G Wireless Router Model F5D7234-4 v4

[capshockey29]

Flushed the DNS and ran the fix. Here is the OTL fix log.

All processes killed
========== OTL ==========
Prefs.js: "http://search.fast-find.net/?sid=10101066100&s=" removed from keyword.URL
========== FILES ==========
C:\WINDOWS\tasks\At16.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 185240658 bytes
->Temporary Internet Files folder emptied: 5328129 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 46863508 bytes
->Flash cache emptied: 456 bytes

User: All Users

User: C-Rex
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 115171 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 227.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12032010_193453

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[capshockey29]

There are no current issues I am dealing with that are out of the unusual outside of not being able to get a log from the fix. Here is my current Fresh OTL report.

OTL logfile created on: 12/4/2010 12:17:24 PM - Run 10
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 239.00 Mb Available Physical Memory | 48.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 46.06 Gb Free Space | 82.41% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: CREXJR | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (PEVSystemStart) -- C:\whatever.exe15560w\PEV.cfx File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe ()
SRV - (MSDTC) -- C:\WINDOWS\system32\msdtc.exe ()


========== Driver Services (SafeList) ==========

DRV - (UIUSys) -- C:\WINDOWS\System32\drivers\UIUSys.sys File not found
DRV - (catchme) -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Cisco Systems, Inc.)
DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"
FF - prefs.js..browser.search.order.1: "Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://webmail.mizzou.edu/"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/21 11:18:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/26 07:04:57 | 000,000,000 | ---D | M]

[2009/10/07 14:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/12/02 08:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rhdnctax.default\extensions
[2010/04/26 20:16:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rhdnctax.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/13 06:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rhdnctax.default\extensions\personas@christopher.beard
[2009/12/05 09:10:36 | 000,004,554 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rhdnctax.default\searchplugins\aim-search.xml
[2010/12/02 08:12:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/26 07:19:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/11/26 07:17:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/03/09 17:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2010/10/20 09:36:58 | 000,002,209 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\websearch.xml

O1 HOSTS File: ([2010/11/13 11:19:33 | 000,425,401 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14658 more lines...
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1254503707578 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsof...?1254503766796 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/02 09:26:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b72adcc6-2a6a-11df-baaa-000b7d264beb}\Shell\AutoRun\command - "" = E:\JDSecure\Windows\JDSecure31.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/03 13:23:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\P
[2010/12/02 12:29:14 | 001,344,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Desktop\TDSSKiller.exe
[2010/12/01 14:15:12 | 000,000,000 | --SD | C] -- C:\whatever.exe15560w
[2010/11/30 10:14:57 | 000,000,000 | --SD | C] -- C:\whatever.exe
[2010/11/28 11:24:02 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/11/26 19:20:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/11/26 19:20:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/11/26 19:20:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/11/26 19:20:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/11/26 19:18:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/26 07:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/11/26 07:24:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/11/26 07:19:05 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/11/26 07:19:04 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/26 07:19:04 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/26 07:19:04 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/11/26 07:08:25 | 016,074,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Administrator\Desktop\jre-6u22-windows-i586.exe
[2010/11/26 00:34:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/13 10:28:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/11/13 10:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/11/13 10:22:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/11/13 09:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/11/13 09:54:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/13 09:54:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/11/13 09:54:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/13 09:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/13 09:39:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/11/13 09:35:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[1 C:\Documents and Settings\Administrator\Desktop\*.tmp files -> C:\Documents and Settings\Administrator\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/04 12:16:08 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{89CBC202-F144-4B9C-88DB-B7B395412A15}.job
[2010/12/04 12:15:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/04 12:14:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/03 19:13:11 | 000,000,064 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\fixes.bat
[2010/12/03 16:16:23 | 001,344,600 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Desktop\TDSSKiller.exe
[2010/12/03 16:15:23 | 001,230,433 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\tdsskiller.zip
[2010/12/03 13:19:12 | 000,000,328 | RHS- | M] () -- C:\boot.ini
[2010/12/03 12:54:00 | 000,000,428 | ---- | M] () -- C:\WINDOWS\tasks\VersionCheck.job
[2010/12/01 14:14:39 | 003,983,387 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\whatever.exe.exe
[2010/11/30 16:22:01 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\w7k885mu.exe
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/26 19:19:57 | 000,451,788 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/26 19:19:57 | 000,077,202 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/26 07:38:03 | 002,672,312 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\esetsmartinstaller_enu.exe
[2010/11/26 07:17:53 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/11/26 07:17:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/11/26 07:17:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/11/26 07:17:53 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/11/26 07:17:52 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/11/26 07:09:43 | 016,074,528 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Administrator\Desktop\jre-6u22-windows-i586.exe
[2010/11/26 07:04:57 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/13 11:19:33 | 000,425,401 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/11/13 10:48:35 | 000,630,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\look.com.com
[2010/11/13 10:31:16 | 000,630,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\look.com.scr
[2010/11/13 10:28:37 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/11/13 10:28:01 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/11/13 10:22:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/11/13 09:54:28 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
[1 C:\Documents and Settings\Administrator\Desktop\*.tmp files -> C:\Documents and Settings\Administrator\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/03 19:13:11 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\fixes.bat
[2010/12/03 16:15:21 | 001,230,433 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\tdsskiller.zip
[2010/11/30 16:22:00 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\w7k885mu.exe
[2010/11/28 11:24:10 | 000,000,212 | ---- | C] () -- C:\Boot.bak
[2010/11/28 11:24:05 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/11/26 19:20:18 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/11/26 19:20:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/11/26 19:20:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/11/26 19:20:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/11/26 19:20:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/11/26 14:11:08 | 003,983,387 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\whatever.exe.exe
[2010/11/26 07:37:40 | 002,672,312 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\esetsmartinstaller_enu.exe
[2010/11/13 10:48:33 | 000,630,272 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\look.com.com
[2010/11/13 10:31:15 | 000,630,272 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\look.com.scr
[2010/11/13 10:28:37 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/11/13 10:28:01 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/11/13 09:54:28 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/24 21:53:56 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/10/15 07:39:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2009/10/07 15:48:02 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/07 10:35:23 | 000,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/10/02 11:06:03 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/10/02 11:06:02 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/10/02 10:46:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll
[2009/10/02 04:13:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/04/14 06:00:00 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\msports.dll

< End of report >

[Blade81]

Hi,

Problems with ComboFix, DDS and the latest fix.bat run are all connected with the same problem. Those just don't work on all systems. I don't know reason for that.

To be on safe side, I recommend to reset router back to factory default state and then change its password to something from the default one. Router manual should have instructions for that.

Please check if C:\WINDOWS\P folder exists and what it holds inside.

Have both msconfig and wmi errors stayed away?

[capshockey29]

I created the P folder when trying to upload the task on to bleeping computer because the tasks folder would not open. I have deleted the folder and it was empty.

I have not had any errors with msconfig or wmi.