Virus may have infected network.

[xxxGangrelxxx]

Hi, this virus is a smart one, it's even blocking the names of the antivirus software you guys have posted. I got it just simply browsing, it told me I needed a flash update. (I feel really dumb for clicking yes to that now.) I've been trying everything. Malwarebytes, superantispyware ree edition. They all find a lot of stuff, they all remove a lot of stuff, but the virus remains. It likes to redirect my webpages, it takes me ages to get anywhere. Safe mode won't run. I have Windows 7 32 bit, I hit F8 over and over while booting... no safe mode... I dunno if it's half my ignorance half the virus. I just really need help. I'm willing to talk on MSN. This is doing my head in, it's 4am, and I can't just walk away, I need to fix this or I won't sleep.

I hope for a speedy response. In desperation, Gangrel.

Update: I've got the laptop and my desktop offline and totally unplugged from the router. i'm on the old PC and it seems to be fine so far. I'm going to try download someantivirus onto a thumb drive and then take that to the others and install. I already installed Malwarebytes and all that, but it seems to skip from 200 files scanned to 50,000, so i'm thinking the virus got to it. Any advice would be GREATLY appreciated.

Also, all my files and folders are greyed out/see through, but they still work.

Okay so I found out that I had the Widows Recovery Virus. But I think I got another one with it too. I ran ComboFix, and I'll post the lnog in the next post so i don't mess it up.

The other thing my PC is doing is browser related. Every time i click a web link, from google, whther in Fire fox or in IE, it will redirect me first to a site called Filehost.net (i'm not sure, I can't seem to get it to do it anymore.. perhaps it run off or hiding, it was doing it a moment ago.) Anyway, It's been a long night, and I just want this to go away. I've exhausted my limited knowledge, so i'll just post this log and hope one of you lovely people will tell me if I need to do anything more.

Oh, also, I ran ComboFix in Safe mode, then rebooted and ran windows normally... Then ran MBam and Microsoft Security Essentials scan. Both came up clean.

 

[xxxGangrelxxx]

ComboFix 11-08-27.01 - karl 28/08/2011 4:36.1.2 - x86 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3326.2759 [GMT 8:00]
Running from: J:\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\karl\AppData\Roaming\Microsoft\Windows\Recent\Al Bhed Translator.url
c:\users\karl\AppData\Roaming\Microsoft\Windows\Recent\Currency Shop FMX.url
c:\users\karl\videos\dvdflick_setup_1.3.0.7.exe
c:\users\karl\videos\Firefox Setup 4.0.exe
c:\users\karl\videos\IE9-Windows7-x86-enu.exe
c:\users\karl\videos\InstallIMVU_458.0_st_c.exe
c:\users\karl\videos\msgr10us.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-07-27 to 2011-08-27 )))))))))))))))))))))))))))))))
.
.
2011-08-27 21:13 . 2011-08-27 21:14 -------- d-----w- c:\users\karl\AppData\Local\temp
2011-08-27 21:13 . 2011-08-27 21:13 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-08-27 21:13 . 2011-08-27 21:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-27 18:07 . 2011-08-27 18:07 -------- d-----w- c:\programdata\Malwarebytes
2011-08-27 17:47 . 2011-08-27 17:47 0 ---ha-w- c:\users\karl\AppData\Local\BIT3B7.tmp
2011-08-18 17:51 . 2011-08-18 17:51 -------- d-----w- c:\program files\Conduit
2011-08-18 17:51 . 2011-08-27 18:38 -------- d-----w- c:\users\karl\AppData\Local\Conduit
2011-08-18 17:51 . 2011-08-18 17:51 -------- d-----w- c:\program files\IMVU_Inc
2011-08-18 17:51 . 2011-08-27 18:46 -------- d--h--w- c:\users\karl\AppData\Roaming\IMVU
2011-08-18 16:43 . 2011-08-27 18:35 -------- d-----w- c:\users\karl\AppData\Roaming\Kaneva
2011-08-18 16:35 . 2011-08-27 18:38 -------- d-----w- c:\program files\Kaneva
2011-08-18 16:15 . 2011-08-18 16:30 -------- d--h--w- c:\users\karl\AppData\Local\Avatar Reality
2011-08-17 21:55 . 2011-08-17 21:55 81920 ----a-w- c:\program files\Mozilla Firefox\plugins\npkanevapatch.dll
2011-08-17 21:09 . 2011-08-17 21:09 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-08-15 23:20 . 2011-08-15 23:20 4892320 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-08-15 15:43 . 2011-08-15 15:43 -------- d--h--w- c:\users\karl\AppData\Local\DDMSettings
2011-08-15 15:03 . 2011-08-15 15:06 -------- d-----w- c:\program files\DivX
2011-08-11 12:35 . 2010-11-30 03:43 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-08-10 09:04 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 09:04 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 09:04 . 2011-07-09 02:30 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-09 16:25 . 2011-08-09 16:25 -------- d--h--w- c:\users\karl\AppData\Local\IsolatedStorage
2011-08-09 16:24 . 2011-08-27 18:38 -------- d-----w- c:\users\karl\AppData\Local\Sublight_Labs
2011-08-09 16:24 . 2011-08-09 16:24 -------- d-----w- c:\program files\Sublight
2011-08-04 19:01 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 02:44 . 2011-07-15 04:54 7152464 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-07-14 01:38 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-07-14 01:19 . 2010-06-24 03:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-10 07:09 . 2011-07-07 15:40 280768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-10 07:03 . 2011-07-07 09:38 215128 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-07 18:23 . 2011-07-07 18:23 0 ---ha-w- c:\users\karl\AppData\Local\BIT2422.tmp
2011-07-07 16:50 . 2011-07-07 09:38 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-07-07 09:39 . 2011-07-07 09:39 138056 ----a-w- c:\users\karl\AppData\Roaming\PnkBstrK.sys
2011-06-11 02:29 . 2011-07-13 06:06 2334208 ----a-w- c:\windows\system32\win32k.sys
2011-06-07 15:55 . 2011-07-12 06:01 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{197DF9B3-7ABE-4CA6-9A61-6C05F9D76084}\mpengine.dll
2011-08-18 08:56 . 2011-04-19 07:27 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{90b49673-5506-483e-b92b-ca0265bd9ca8}"= "c:\program files\IMVU_Inc\prxtbIMVU.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
2011-01-17 08:54 175912 ----a-w- c:\program files\IMVU_Inc\prxtbIMVU.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{90b49673-5506-483e-b92b-ca0265bd9ca8}"= "c:\program files\IMVU_Inc\prxtbIMVU.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{90B49673-5506-483E-B92B-CA0265BD9CA8}"= "c:\program files\IMVU_Inc\prxtbIMVU.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"WindowsLivePhone"="c:\program files\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-08-18 17360520]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-12 4603264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DPService"="c:\program files\HP\DVDPlay\DPService.exe" [2008-03-11 90112]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"WindowsLivePhone"="c:\program files\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-20 3693672]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"WindowsLiveDeviceIntegrator"="c:\program files\Windows Live\Device Integrator\wldi.exe" [2010-09-24 245544]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-11 1523360]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NoIE4StubProcessing"="c:\windows\system32\reg.exe DELETE HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" [X]
"MSPCLOCK"="streamci" [X]
"MSPQM"="streamci" [X]
"MSKSSRV"="streamci" [X]
"MSTEE.CxTransform"="streamci" [X]
"MSTEE.Splitter"="streamci" [X]
"WDM_DRMKAUD"="streamci" [X]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-18 00:58 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 08:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2010-08-09 10:03 389352 ----a-w- c:\program files\Sandboxie\SbieCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 03:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-01-14 16:37 395640 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
R1 MpKsl5395e586;MpKsl5395e586;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B7A35C42-0870-4590-A3C2-786C3368650C}\MpKsl5395e586.sys [2011-08-27 28752]
R1 MpKsld6d21b7b;MpKsld6d21b7b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{76465832-B901-45BC-A85A-90359D981335}\MpKsld6d21b7b.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-06 136176]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-20 2214504]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-06 136176]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2009-07-13 266752]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-18 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CO_Mon
*Deregistered* - IDSVix86
*Deregistered* - SYMDNS
*Deregistered* - SYMFW
*Deregistered* - SYMNDISV
*Deregistered* - SYMREDRV
*Deregistered* - SYMTDI
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-06 18:02]
.
2011-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-06 18:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*Yahoo! SearchBar Home Page
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=83&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*Yahoo!
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.1.1.1
TCP: Interfaces\{05C4135E-6C15-466E-AEAA-37BE05D34CE7}: NameServer = 203.0.178.191 203.215.29.191
FF - ProfilePath - c:\users\karl\AppData\Roaming\Mozilla\Firefox\Profiles\vqw3ajgq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - (no file)
BHO-{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - (no file)
Toolbar-{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - (no file)
WebBrowser-{E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-KanevaTray - c:\program files\Kaneva\Star\3296\KanevaTray.exe
MSConfigStartUp-Messenger (Yahoo!) - c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
AddRemove-DVD Flick_is1 - c:\users\karl\Downloads\DVD Flick\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3953746442-2306056581-1769711064-1000\Software\SecuROM\License information*]
"datasecu"=hex:f4,85,89,08,72,75,46,ee,e5,7b,b7,9d,21,22,95,46,4c,63,06,89,82,
ee,9b,3f,f4,48,82,3e,c9,da,5a,5b,c7,14,57,3c,bf,2f,ec,ac,a6,e1,80,d9,fb,fe,\
"rkeysecu"=hex:e6,0b,cf,9d,d3,83,e9,01,cc,63,28,ed,52,3a,aa,95
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-08-28 05:34:08
ComboFix-quarantined-files.txt 2011-08-27 21:33
.
Pre-Run: 79,325,917,184 bytes free
Post-Run: 79,788,400,640 bytes free
.
- - End Of File - - 07021F9E941151B84937B7313FAD1127

 

[patonb]

No help on the virus/combo log, but if need be, you can boot using a lvecd of ubuntu and then run a virus scan...