I can't access microsoft.com, hotmail.com, the HijackThis webpage, and sometimes other seemingly random webpages like BBC News, the Met Office, GameTrailers etc. Most other webpages work fine though.

I've tried Malwarebytes Anti-Malware, but found nothing. I've run HijackThis and didn't see anything suspicious, but got rid of everything that was not necessary just in case. Also deleted all cookies, updated Windows, ran WinSockFix, checked the hosts file, ran Spybot, and ran "net stop dnscache", without any results.

The interesting thing is that yesterday I had the same problem, but the difference was that some webpages would redirect me to fake websites, e.g. the HijackThis webpage was replaced with a generic "antivirus.com - what you need it, when you need it", and the same thing with the Met Office webpage. Then I started doing all the HijackThis and Spybot scanning etc., but nothing worked, and suddenly it was gone. All webpages were loading fine again. I pretended I had probably fixed it without realizing, but I knew something was not quite right =)

But now the same problem again =( No generic "what you need, when you need it" sites this time, though.
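The symptom pattern in this first post (a handful of vendor, webmail and news sites unreachable or swapped for a fake page while everything else loads) is the point where I would separate a hosts-file pin from a resolver-level redirect before running any scanners. The script below is an added example written for this page in current Python 3; it is not code from the thread or from any of the tools mentioned in it. It parses a hosts file and flags pins on a watch list of domains, then resolves the same names twice, once through the OS (hosts file, DNS cache and whatever DNS servers are configured) and once by sending a raw A query over UDP straight to a reference server, and reports where the two disagree. The reference server `8.8.8.8`, the watch list, the hosts-file text and the hand-built DNS reply are all assumptions or constructed sample data, not anything posted by the OP.

```python
import random
import socket
import struct

def parse_hosts(text):
    """[(ip, hostname)] from hosts-file text; comments and blank lines ignored."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            ip, *names = line.split()
            entries.extend((ip, n.lower()) for n in names)
    return entries

LOCAL_SINKS = {"127.0.0.1", "0.0.0.0", "::1"}

def hosts_tampering(entries, watch_domains):
    """Flag watched domains (and their subdomains) pinned in the hosts file: a pin to
    loopback/unspecified blocks the site, a pin to any other address redirects it."""
    flagged = []
    for ip, name in entries:
        if any(name == d or name.endswith("." + d) for d in watch_domains):
            flagged.append((name, ip, "blocked" if ip in LOCAL_SINKS else "redirected"))
    return flagged

def build_a_query(name, txid):
    """Wire-format A query (RFC 1035): header with RD=1 and one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.strip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)          # QTYPE=A, QCLASS=IN

def _skip_name(data, off):
    while True:                                               # labels end with 0 or a pointer
        length = data[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:
            return off + 2
        off += length + 1

def parse_a_response(data, txid):
    """A-record addresses from a reply; [] if the id does not match or RCODE != 0."""
    rid, flags, qd, an = struct.unpack("!HHHH", data[:8])
    if rid != txid or flags & 0x000F:
        return []
    off = 12
    for _ in range(qd):
        off = _skip_name(data, off) + 4                       # skip QTYPE + QCLASS
    ips = []
    for _ in range(an):
        off = _skip_name(data, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            ips.append(socket.inet_ntoa(data[off:off + 4]))
        off += rdlen
    return ips

def dns_a_lookup(name, server="8.8.8.8", timeout=3.0):
    """Ask `server` over UDP directly, bypassing hosts file, cache and configured DNS."""
    txid = random.randint(0, 0xFFFF)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_a_query(name, txid), (server, 53))
        data, _ = s.recvfrom(512)
    return parse_a_response(data, txid)

def _resolve_or_empty(resolve, name):
    try:
        return sorted(set(resolve(name)))
    except OSError:                                           # gaierror and timeout included
        return []

def compare_resolution(names, local_resolve, reference_resolve):
    """{name: (local_ips, reference_ips, status)}; status is 'ok', 'mismatch',
    'blocked-locally' (OS fails, reference answers) or 'reference-failed'."""
    report = {}
    for n in names:
        local = _resolve_or_empty(local_resolve, n)
        ref = _resolve_or_empty(reference_resolve, n)
        if not ref:
            status = "reference-failed"
        elif not local:
            status = "blocked-locally"
        else:
            status = "ok" if set(local) & set(ref) else "mismatch"
        report[n] = (local, ref, status)
    return report

# Constructed sample data, not from the thread: a tampered hosts file and a
# hand-built reply saying www.microsoft.com -> 192.0.2.10 (a TEST-NET address).
SAMPLE_HOSTS = "127.0.0.1 localhost\n0.0.0.0 www.microsoft.com\n192.0.2.66 update.microsoft.com\n"
SAMPLE_TXID = 0x1234
SAMPLE_RESPONSE = (struct.pack("!HHHHHH", SAMPLE_TXID, 0x8180, 1, 1, 0, 0)
                   + build_a_query("www.microsoft.com", SAMPLE_TXID)[12:]
                   + b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10]))
```

On a live machine, call `compare_resolution(sites, lambda h: [socket.gethostbyname(h)], dns_a_lookup)` with the sites that fail and a couple that work. `blocked-locally` for microsoft.com while an unrelated site is `ok` points at the local resolution path (hosts file, the configured DNS servers, or something hooking the network stack below the resolver); `mismatch` against the reference answer is a redirect of the kind described in the post. Stopping the DNS client service and reading the hosts file, as the OP did, only covers part of that path, which is why a direct comparison is worth making.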

I am a bit "over-extended," so hopefully another volunteer can jump in and run with this, but to get started, please do the following:

FIRST:

Please download GMER Rootkit Scanner:
http://www.gmer.net/download.php

-- Double-click the .exe file and, if asked, allow the gmer.sys driver to load.
-- If you receive a warning about Rootkit Activity and GMER asks if you want to run a scan, Click NO

-- Make sure the Rootkit/Malware Tab is selected (Top Left of GMER GUI)
Along the Right Side of the GMER GUI there will be a number of checked boxes. Please Uncheck the following:
- Sections
- Drives or Partitions other than your Systemdrive (usually C:\)
- Show All (be sure this one remains Unchecked)

-- Then, click the Scan Button
Allow the scan as long as it needs and then save the log to where you can easily find it and post it for me.

***Disconnect from the internet and do not run any other programs while GMER is scanning. Temporarily disable any real-time anti-spyware or anti-virus protection so they do not interfere with the running of GMER.
DO NOT take any action for any found items until I can have a look.

THEN:

-- Download DDS by sUBs and save it to your Desktop
-- If your AV has a script blocker, please disable it
-- Double-click on dds.scr to run the tool

* A command box will open, displaying added information for your reading pleasure while DDS completes its scan.
* Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).

- Copy&Paste the DDS.txt into your next post.
- Please post Attach.txt as an attachment to your post - there is no need to Zip it. If you don’t know how to post an attachment, please Copy&Paste it along with the DDS.txt scanlog.


Please post the requested logs and I or another volunteer will check back as time permits.

PP:)

GMER didn't seem to detect anything...

Here are the logs

DDS.txt:

DDS (Ver_09-10-26.01) - NTFSx86
Run by puyo at 22:01:47.71 on 11/11/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2046.1650 [GMT 0:00]

FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Bandwidth Monitor Pro\Bandwidth Monitor Pro.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\puyo\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

BHO: Loader Class: {f880a4a8-c436-4ac4-afd1-aa0bdc9552dd} - c:\documents and settings\puyo\my documents\downloads\findexer nightly v1.1.0.4b538\FindeXer.dll
EB: FindeXer: {377d8121-efaa-4d1c-981b-8bfad9f10de3} - c:\documents and settings\puyo\my documents\downloads\findexer nightly v1.1.0.4b538\FindeXer.dll
uRun: [Google Update] "c:\documents and settings\puyo\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Bandwidth Monitor Pro] "c:\program files\bandwidth monitor pro\Bandwidth Monitor Pro.exe" /minimized
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\puyo\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
IE: Add to Evernote - c:\program files\evernote\evernote3\enbar.dll/2000
IE: {E0B8C461-F8FB-49b4-8373-FE32E9252800} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEE1} - c:\program files\evernote\evernote3\enbar.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\puyo\applic~1\mozilla\firefox\profiles\xatx04dk.default\
FF - component: c:\documents and settings\puyo\application data\mozilla\firefox\profiles\xatx04dk.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - plugin: c:\documents and settings\puyo\application data\mozilla\firefox\profiles\xatx04dk.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\documents and settings\puyo\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-9-11 132168]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-9-11 25160]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-10-10 4463400]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2009-10-10 16168]

=============== Created Last 30 ================

2009-11-11 21:04:43 0 d-sh--w- c:\documents and settings\puyo\PrivacIE
2009-11-11 20:41:55 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-11 20:41:55 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-11-11 20:36:31 0 d-sh--w- c:\documents and settings\puyo\IETldCache
2009-11-11 20:30:43 873 ----a-w- c:\windows\system32\spupdsvc.inf
2009-11-11 20:27:39 0 dc-h--w- c:\windows\ie8
2009-11-10 21:36:22 0 d-----w- c:\docume~1\puyo\applic~1\Malwarebytes
2009-11-10 21:36:18 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-10 21:36:15 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-10 21:36:15 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-10 21:36:15 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-11-10 21:01:21 0 d-----w- c:\program files\Trend Micro
2009-11-10 20:49:32 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-11-10 20:49:32 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2009-11-10 20:49:32 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-11-09 21:47:35 0 d-----w- c:\docume~1\puyo\applic~1\Launchy
2009-11-09 21:47:03 0 d-----w- c:\program files\Launchy
2009-11-09 21:24:50 0 d-----w- c:\docume~1\puyo\applic~1\SlickRun
2009-11-09 21:24:39 0 d-----w- c:\program files\SlickRun
2009-11-09 21:20:55 0 d-----w- c:\program files\RSSOwl
2009-11-08 12:14:02 0 d-----w- c:\docume~1\puyo\applic~1\Spotify
2009-11-08 12:13:32 0 d-----w- c:\program files\Spotify
2009-10-26 17:05:55 0 d-----w- C:\ani
2009-10-25 20:42:21 0 d-----w- c:\program files\mIRC
2009-10-25 20:42:21 0 d-----w- c:\docume~1\puyo\applic~1\mIRC
2009-10-25 17:24:55 0 d-----w- C:\Sakuga
2009-10-25 17:21:59 0 d-----w- c:\documents and settings\puyo\dwhelper
2009-10-25 17:09:39 0 d-----w- C:\FirefoxPortable
2009-10-23 15:42:28 86016 ----a-w- c:\windows\unvise32.exe
2009-10-23 15:40:48 0 d-----w- c:\program files\Bandwidth Monitor Pro
2009-10-23 12:49:14 0 d-----w- c:\windows\system32\NtmsData
2009-10-23 12:31:50 0 d-----w- c:\program files\Western Digital Corporation
2009-10-23 10:41:15 0 d-----w- c:\program files\Greasemetal
2009-10-21 21:23:07 0 ----a-w- C:\Documents
2009-10-20 22:16:30 754 ----a-w- c:\windows\WORDPAD.INI
2009-10-20 20:59:26 44 ----a-w- c:\windows\MSYS.INI
2009-10-20 20:59:24 0 d-----w- C:\msys
2009-10-20 20:44:34 324096 ----a-w- c:\windows\system32\SDL.dll
2009-10-20 18:05:36 0 d-----w- C:\MinGW
2009-10-20 14:55:20 0 d-----w- C:\lcc
2009-10-19 20:14:05 0 d-----w- c:\program files\PSCS2
2009-10-19 20:04:51 0 d-----w- c:\program files\common files\Adobe Systems Shared
2009-10-19 17:26:49 0 d-----w- c:\docume~1\puyo\applic~1\FindeXer
2009-10-18 23:55:42 0 d-----w- c:\docume~1\puyo\applic~1\.bsnes
2009-10-16 20:19:45 0 d-----w- c:\program files\Microsoft Games
2009-10-16 00:44:01 0 d-----w- C:\games
2009-10-16 00:41:55 0 d-----w- c:\program files\Doomsday
2009-10-14 23:31:52 0 d-----w- c:\program files\FlashFXP
2009-10-14 23:31:51 0 d-----w- c:\docume~1\alluse~1\applic~1\FlashFXP

==================== Find3M ====================

2009-10-05 20:20:23 507904 ----a-w- c:\windows\system32\winlogon.exe
2009-09-28 15:06:02 4463400 ----a-w- c:\windows\system32\Wacom_Tablet.exe
2009-09-28 15:06:00 411432 ----a-w- c:\windows\system32\Wacom_Tablet.dll
2009-09-28 15:01:40 285184 ----a-w- c:\windows\system32\Wintab32.dll
2009-09-13 13:39:17 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-11 20:04:55 179792 ----a-w- c:\windows\system32\guard32.dll
2009-09-11 17:53:29 457248 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-11 17:53:29 1579630 ----a-w- c:\windows\system32\nvdata.bin
2009-09-11 17:53:29 1314816 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 07:34:57 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-16 15:08:36 178176 ----a-w- c:\windows\system32\unrar.dll
2009-08-14 13:21:25 1850624 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 22:02:01.18 ===============


thank you =)

Something else that might be useful:
A couple of minutes ago, COMODO Firewall warned me that services.exe was trying to modify the Windows service registry root HKLM\system\controlset002\services\BITS\start

I'm in the process of trying to find out what it means, but a quick Google search didn't turn up anything particularly useful.

Needless to say I blocked the request, for now at least.

No log at all from GMER?
Try running it again. Select the Rootkit/Malware Tab and just click the Scan button.

Allow the scan as long as it needs and then click the save button and name the log GMER – 1.log and save it to where you can easily find it and post it for me.


PP:)

Sorry I thought I wasn't meant to post that one =)

Oh and apparently that BITS I mentioned earlier is the Background Intelligent Transfer Service, although you probably knew that.

I had to zip it since I got an "invalid file" error when trying to upload it (?)

thanks ;D

My fault - this forum doesn't support .log attachments - I should've had you change it to .txt.
No worries.

Could you click START > RUN > type cmd ENTER
At the command prompt type dir /a /s atapi.sys >> C:\Logit.txt ENTER

Then please post the C:\Logit.txt

PP :)

It's so small that I guess it's easier if I just paste it:

Directory of C:\WINDOWS\system32\drivers

13/04/2008 22:10 96,512 atapi.sys
1 File(s) 96,512 bytes

Only that.

That's odd - there should be more.

What about C:\I386\atapi.sys - anything there?
How about C:\WINDOWS\ServicePackFiles\i386\atapi.sys - Any luck?

PP :)
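The `dir /a /s atapi.sys` request and the follow-up questions about C:\I386 and ServicePackFiles are a manual integrity check: the copy of the driver that actually loads is being compared against the pristine copies Windows keeps elsewhere on the disk. The script below is an added example written for this page, not code from the thread or from any of the tools in it, that does the same check by hash rather than by eye: it finds every copy of the named file under a set of roots, hashes each one, and gives a verdict on whether the live copy agrees with the reference copies. The paths in `DEFAULT_ROOTS` are assumed for a typical Windows XP install; when run anywhere else it builds a constructed demo tree (two matching reference copies and a live copy with one byte patched in place) so it can be exercised offline.

```python
import hashlib
import os
import tempfile

# Where a Windows XP install normally keeps copies of a shipped driver. These are
# assumed locations for illustration; adjust them to the machine being examined.
DEFAULT_ROOTS = [
    r"C:\WINDOWS\system32\drivers",          # the copy that actually loads
    r"C:\WINDOWS\ServicePackFiles\i386",    # service-pack reference copy
    r"C:\WINDOWS\Driver Cache\i386",        # driver cab cache
    r"C:\I386",                             # install source, if copied to disk
]

def sha256_of(path, chunk=1 << 16):
    """Stream a file through SHA-256."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def find_copies(name, roots):
    """[(path, size, sha256)] for every file called `name` under `roots`: the same
    hits as `dir /a /s name` over each root, plus a hash per hit. NTFS names are
    case-insensitive, so the match is too."""
    hits, wanted = [], name.lower()
    for root in roots:
        if not os.path.isdir(root):
            continue
        for dirpath, _dirs, files in os.walk(root):
            for fn in files:
                if fn.lower() == wanted:
                    p = os.path.join(dirpath, fn)
                    hits.append((p, os.path.getsize(p), sha256_of(p)))
    return hits

def _same_dir(path, directory):
    def norm(d):
        return os.path.normcase(os.path.normpath(d))
    return norm(os.path.dirname(path)) == norm(directory)

def assess(name, roots, live_dir):
    """Compare the driver that loads (in live_dir) with every reference copy.

    Returns (verdict, hits):
      'missing'      - no copy in live_dir at all
      'no-reference' - live copy present but nothing to compare it with
      'consistent'   - live copy hashes the same as every reference copy
      'differs'      - live copy hash shared by no reference copy
      'mixed'        - reference copies disagree among themselves; inspect by hand
    """
    hits = find_copies(name, roots)
    live = [h for h in hits if _same_dir(h[0], live_dir)]
    refs = [h for h in hits if not _same_dir(h[0], live_dir)]
    if not live:
        return "missing", hits
    if not refs:
        return "no-reference", hits
    ref_hashes = {h[2] for h in refs}
    if len(ref_hashes) > 1:
        return "mixed", hits
    return ("consistent" if live[0][2] in ref_hashes else "differs"), hits

def build_demo_tree():
    """Constructed sample data for running this off the real machine: two matching
    reference copies and a live copy with one byte patched in place, so the name and
    size are unchanged but the hash is not. Returns (roots, live_dir)."""
    base = tempfile.mkdtemp(prefix="atapi-demo-")
    live = os.path.join(base, "drivers")
    refs = [os.path.join(base, "ServicePackFiles", "i386"), os.path.join(base, "I386")]
    for d in [live] + refs:
        os.makedirs(d)
    clean = b"MZ" + bytes(1000)
    patched = bytearray(clean)
    patched[600] = 0x90
    for d, blob, fn in ((refs[0], clean, "atapi.sys"), (refs[1], clean, "ATAPI.SYS"),
                        (live, bytes(patched), "atapi.sys")):
        with open(os.path.join(d, fn), "wb") as fh:
            fh.write(blob)
    return [live] + refs, live

if __name__ == "__main__":
    if os.path.isdir(DEFAULT_ROOTS[0]):
        roots, live_dir = DEFAULT_ROOTS, DEFAULT_ROOTS[0]
    else:
        roots, live_dir = build_demo_tree()
    verdict, hits = assess("atapi.sys", roots, live_dir)
    for path, size, digest in hits:
        print(f"{size:>8}  {digest[:16]}  {path}")
    print("verdict:", verdict)
```

Two things the `dir` listing alone cannot tell you: a size and timestamp that match the service-pack original prove nothing, because a patcher that modifies the file in place can preserve both, and a single hit with no reference copy on disk (the situation the OP goes on to report) leaves no verdict at all. In that case the hash of the live file has to be compared with the same file taken from a known-clean machine at the same service-pack level, or with the copy inside the service-pack cab under Driver Cache\i386 if one is present, rather than with the file in the drivers folder itself.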

I don't have those folders I'm afraid. I do have C:\WINDOWS\Driver Cache\i386, but no atapi.sys there either.

That is quite strange.


Let's try a different tack and go ahead with ComboFix:

If you already have ComboFix on your machine, DELETE it.
Then follow the instructions in the link below to download a fresh copy of ComboFix and run it:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please follow the instructions in the linky very carefully to run it and then post the ComboFix log for me.
Be sure to install the Recovery Console (if you are able to do so) and disable any other security programs or Anti-Virus programs as per the linky before running ComboFix!

I will check back as time permits.

PP:)
