ComboFix 10-12-31.01 - Weelsl623 12/31/2010 19:00:53.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2586 [GMT...
Combofix said again that file C:\winnt\regedit.exe is infected and will try to fix it like it did the first time.........weird! David
ok, will do.
yes, the computer did reboot
I ran Blitzblank but not sure if it did anything because I can not find the C:\blitzblank.txt file David
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\winnt\ServicePackFiles\i386\user32.dll [-] 2008-04-14 ....
ComboFix 10-12-30.01 - Weelsl623 12/30/2010 20:44:12.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2584 [GMT...
SystemLook 04.09.10 by jpshortstuff Log created at 20:25 on 30/12/2010 by Weelsl623 Administrator - Elevation successful ========== filefind...
This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log...
------------------------ Other Running Processes ------------------------ . c:\program files\AMD\PowerNow!\GemServ.exe c:\program...
ComboFix 10-12-30.01 - Weelsl623 12/30/2010 19:38:47.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2493 [GMT...
DDS (Ver_10-12-12.02) - NTFSx86 Run by Weelsl623 at 16:59:22.01 on Thu 12/30/2010 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion:...
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows XP...
MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows XP Professional Windows Information: Service Pack 3 (build...
I use Microsoft Security Essentials now. Will repost MBR check. David
How do I disable any script blocking protection?? David
.text C:\WINNT\system32\svchost.exe[2220] msvcrt.dll!_creat...
.text C:\WINNT\system32\svchost.exe[1536] kernel32.dll!GetStartupInfoA...
.text C:\WINNT\system32\services.exe[1304] ADVAPI32.dll!RegCreateKeyExW...
GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2010-12-29 20:28:01 Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 ->...
Separate names with a comma.
