Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Trojan horse Rootkit-Agent.DI in drivers\ndis.sys


  • This topic is locked This topic is locked
4 replies to this topic

#1 totierne

totierne

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:26 AM

Posted 28 May 2009 - 07:21 PM

Infected with Trojan horse Rootkit-Agent.DI in C:\Windows\system32\drivers\ndis.sys (usually opened by Etrust Antivirus\InoRT.exe)

got rid of it with:

but it came back - trying to find the root cause.
Ideas:
1/Temporary internet files
2/ndis.sys was falsely restored from restore
3/System is generally infected all over
4/Just got reinfected from external source (I am not behind NAT)

DDS


DDS (Ver_09-05-14.01) - NTFSx86
Run by Turloch O'Tierney at 1:02:18.93 on 29/05/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_12
Microsoft Windows XP Home Edition 5.1.2600.3.1251.7.1033.18.447.43 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\USB Storage RW\DskWatch.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Common Files\AOL\1124833377\ee\AOLHostManager.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\AOL\1124833377\ee\AOLServiceHost.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Common Files\AOL\1124833377\ee\AOLServiceHost.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\cygwin\bin\bash.exe
C:\turloch\separation\permanenttmp\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.upc.ie/
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_5_7_0.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_5_7_0.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [NBJ] "c:\program files\ahead\nero backitup\NBJ.exe"
uRun: [AIM] c:\program files\aim\aim.exe -cnetwait.odl
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [reader_s] c:\documents and settings\turloch o'tierney\reader_s.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [VTTimer] VTTimer.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [CARPService] carpserv.exe
mRun: [USB Storage RW] c:\program files\usb storage rw\DskWatch.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [AntivirusRegistration] c:\program files\ca\etrust antivirus\Register.exe
mRun: [Realtime Monitor] c:\progra~1\ca\etrust~1\realmon.exe -s
mRun: [<NO NAME>]
mRun: [PCMService] "c:\program files\cyberlink\powercinema\PCMService.exe"
mRun: [OEM-Reset]
mRun: [Lexmark 2200 Series] "c:\program files\lexmark 2200 series\lxbvbmgr.exe"
mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
mRun: [HostManager] c:\program files\common files\aol\1124833377\ee\AOLHostManager.exe
mRun: [ClamWin] "c:\program files\clamwin\bin\ClamTray.exe" --logon
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [reader_s] c:\windows\system32\reader_s.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\turloc~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 1.9.95\program\quickstart.exe
StartupFolder: c:\docume~1\turloc~1\startm~1\programs\startup\openof~2.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ciscos~1.lnk - c:\program files\cisco systems\vpn client\vpngui.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1108208582093
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: crypt - crypts.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\turloc~1\applic~1\mozilla\firefox\profiles\gjqltwgd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbarff\components\vmAVGConnector.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPSqueak.dll

============= SERVICES / DRIVERS ===============

R1 avgldx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-20 325896]
R1 avgmfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-20 27784]
R1 avgtdix;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-20 108552]
R3 dskwatch;Disk Watch Filter;c:\windows\system32\drivers\dskwatch.sys [2005-2-12 15232]
S1 60957e80;60957e80;c:\windows\system32\drivers\60957e80.sys [2009-5-14 93760]
S1 73c536ae;73c536ae;c:\windows\system32\drivers\73c536ae.sys [2009-4-27 93308]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-11-13 189792]

=============== Created Last 30 ================

2009-05-28 02:57 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll
2009-05-28 02:57 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll
2009-05-28 02:57 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll
2009-05-28 02:57 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe
2009-05-28 02:57 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe
2009-05-28 02:56 99,865 ac------ c:\windows\system32\dllcache\xlog.exe
2009-05-28 02:56 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys
2009-05-28 02:56 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys
2009-05-28 02:56 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys
2009-05-28 02:55 8,832 ac------ c:\windows\system32\dllcache\wmiacpi.sys
2009-05-28 02:55 154,624 ac------ c:\windows\system32\dllcache\wlluc48.sys
2009-05-28 02:55 34,890 ac------ c:\windows\system32\dllcache\wlandrv2.sys
2009-05-28 02:55 771,581 ac------ c:\windows\system32\dllcache\winacisa.sys
2009-05-28 02:53 19,528 ac------ c:\windows\system32\dllcache\w840nd.sys
2009-05-28 02:53 64,605 ac------ c:\windows\system32\dllcache\vvoice.sys
2009-05-28 02:53 397,502 ac------ c:\windows\system32\dllcache\vpctcom.sys
2009-05-28 02:53 604,253 ac------ c:\windows\system32\dllcache\vmodem.sys
2009-05-28 02:53 249,402 ac------ c:\windows\system32\dllcache\vinwm.sys
2009-05-28 02:53 24,576 ac------ c:\windows\system32\dllcache\viairda.sys
2009-05-28 02:53 687,999 ac------ c:\windows\system32\dllcache\usrwdxjs.sys
2009-05-28 02:53 765,884 ac------ c:\windows\system32\dllcache\usrti.sys
2009-05-28 02:53 113,762 ac------ c:\windows\system32\dllcache\usrpda.sys
2009-05-28 02:53 7,556 ac------ c:\windows\system32\dllcache\usroslba.sys
2009-05-28 02:52 224,802 ac------ c:\windows\system32\dllcache\usr1807a.sys
2009-05-28 02:52 794,399 ac------ c:\windows\system32\dllcache\usr1806v.sys
2009-05-28 02:52 793,598 ac------ c:\windows\system32\dllcache\usr1806.sys
2009-05-28 02:52 794,654 ac------ c:\windows\system32\dllcache\usr1801.sys
2009-05-28 02:52 26,112 ac------ c:\windows\system32\dllcache\usbser.sys
2009-05-28 02:52 17,152 ac------ c:\windows\system32\dllcache\usbohci.sys
2009-05-28 02:52 60,032 ac------ c:\windows\system32\dllcache\usbaudio.sys
2009-05-28 02:52 11,136 a----r-- c:\windows\system32\drivers\OLD75B.tmp
2009-05-28 02:52 32,384 ac------ c:\windows\system32\dllcache\usb101et.sys
2009-05-28 02:52 94,720 ac------ c:\windows\system32\dllcache\umaxud32.dll
2009-05-28 02:52 28,160 ac------ c:\windows\system32\dllcache\umaxu40.dll
2009-05-28 02:52 26,624 ac------ c:\windows\system32\dllcache\umaxu22.dll
2009-05-28 02:51 69,632 ac------ c:\windows\system32\dllcache\umaxu12.dll
2009-05-28 02:51 50,688 ac------ c:\windows\system32\dllcache\umaxscan.dll
2009-05-28 02:51 22,912 ac------ c:\windows\system32\dllcache\umaxpcls.sys
2009-05-28 02:51 50,176 ac------ c:\windows\system32\dllcache\umaxp60.dll
2009-05-28 02:51 47,616 ac------ c:\windows\system32\dllcache\umaxcam.dll
2009-05-28 02:51 211,968 ac------ c:\windows\system32\dllcache\um54scan.dll
2009-05-28 02:51 216,064 ac------ c:\windows\system32\dllcache\um34scan.dll
2009-05-28 02:51 36,736 ac------ c:\windows\system32\dllcache\ultra.sys
2009-05-28 02:51 11,520 ac------ c:\windows\system32\dllcache\twotrack.sys
2009-05-28 02:51 166,784 ac------ c:\windows\system32\dllcache\tridxpm.sys
2009-05-28 02:50 525,568 ac------ c:\windows\system32\dllcache\tridxp.dll
2009-05-28 02:50 159,232 ac------ c:\windows\system32\dllcache\tridkbm.sys
2009-05-28 02:50 440,576 ac------ c:\windows\system32\dllcache\tridkb.dll
2009-05-28 02:50 222,336 ac------ c:\windows\system32\dllcache\trid3dm.sys
2009-05-28 02:50 315,520 ac------ c:\windows\system32\dllcache\trid3d.dll
2009-05-28 02:50 34,375 ac------ c:\windows\system32\dllcache\tpro4.sys
2009-05-28 02:50 42,496 ac------ c:\windows\system32\dllcache\tp4res.dll
2009-05-28 02:50 82,944 ac------ c:\windows\system32\dllcache\tp4mon.exe
2009-05-28 02:50 31,744 ac------ c:\windows\system32\dllcache\tp4.dll
2009-05-28 02:50 4,992 ac------ c:\windows\system32\dllcache\toside.sys
2009-05-28 02:50 230,912 ac------ c:\windows\system32\dllcache\tosdvd03.sys
2009-05-28 02:49 241,664 ac------ c:\windows\system32\dllcache\tosdvd02.sys
2009-05-28 02:49 28,232 ac------ c:\windows\system32\dllcache\tos4mo.sys
2009-05-28 02:49 123,995 ac------ c:\windows\system32\dllcache\tjisdn.sys
2009-05-28 02:49 138,528 ac------ c:\windows\system32\dllcache\tgiulnt5.sys
2009-05-28 02:49 81,408 ac------ c:\windows\system32\dllcache\tgiul50.dll
2009-05-28 02:49 149,376 ac------ c:\windows\system32\dllcache\tffsport.sys
2009-05-28 02:49 17,129 ac------ c:\windows\system32\dllcache\tdkcd31.sys
2009-05-28 02:49 37,961 ac------ c:\windows\system32\dllcache\tdk100b.sys
2009-05-28 02:49 30,464 ac------ c:\windows\system32\dllcache\tbatm155.sys
2009-05-28 02:49 7,040 ac------ c:\windows\system32\dllcache\tandqic.sys
2009-05-28 02:48 36,640 ac------ c:\windows\system32\dllcache\t2r4mini.sys
2009-05-28 02:48 172,768 ac------ c:\windows\system32\dllcache\t2r4disp.dll
2009-05-28 02:48 32,640 ac------ c:\windows\system32\dllcache\symc8xx.sys
2009-05-28 02:48 16,256 ac------ c:\windows\system32\dllcache\symc810.sys
2009-05-28 02:48 30,688 ac------ c:\windows\system32\dllcache\sym_u3.sys
2009-05-28 02:48 28,384 ac------ c:\windows\system32\dllcache\sym_hi.sys
2009-05-28 02:48 94,293 ac------ c:\windows\system32\dllcache\sxports.dll
2009-05-28 02:48 103,936 ac------ c:\windows\system32\dllcache\sx.sys
2009-05-28 02:48 3,968 ac------ c:\windows\system32\dllcache\swusbflt.sys
2009-05-28 02:48 10,240 ac------ c:\windows\system32\dllcache\swpidflt.dll
2009-05-28 02:48 10,240 ac------ c:\windows\system32\dllcache\swpdflt2.dll
2009-05-28 02:48 53,760 ac------ c:\windows\system32\dllcache\sw_wheel.dll
2009-05-28 02:47 41,472 ac------ c:\windows\system32\dllcache\sw_effct.dll
2009-05-28 02:47 155,648 ac------ c:\windows\system32\dllcache\stlnprop.dll
2009-05-28 02:47 53,248 ac------ c:\windows\system32\dllcache\stlncoin.dll
2009-05-28 02:47 285,760 ac------ c:\windows\system32\dllcache\stlnata.sys
2009-05-28 02:47 16,896 ac------ c:\windows\system32\dllcache\stcusb.sys
2009-05-28 02:47 48,736 ac------ c:\windows\system32\dllcache\srwlnd5.sys
2009-05-28 02:47 99,328 ac------ c:\windows\system32\dllcache\srusd.dll
2009-05-28 02:47 24,660 ac------ c:\windows\system32\dllcache\spxupchk.dll
2009-05-28 02:46 61,824 ac------ c:\windows\system32\dllcache\speed.sys
2009-05-28 02:46 106,584 ac------ c:\windows\system32\dllcache\spdports.dll
2009-05-28 02:46 19,072 ac------ c:\windows\system32\dllcache\sparrow.sys
2009-05-28 02:46 7,552 ac------ c:\windows\system32\dllcache\sonypvu1.sys
2009-05-28 02:46 37,040 ac------ c:\windows\system32\dllcache\sonypi.sys
2009-05-28 02:46 114,688 ac------ c:\windows\system32\dllcache\sonypi.dll
2009-05-28 02:46 20,752 ac------ c:\windows\system32\dllcache\sonync.sys
2009-05-28 02:46 9,600 ac------ c:\windows\system32\dllcache\sonymc.sys
2009-05-28 02:45 7,552 ac------ c:\windows\system32\dllcache\sonyait.sys
2009-05-28 02:45 143,422 ac------ c:\windows\system32\dllcache\softkey.dll
2009-05-28 02:45 7,040 ac------ c:\windows\system32\dllcache\snyaitmc.sys
2009-05-28 02:45 58,368 ac------ c:\windows\system32\dllcache\smiminib.sys
2009-05-28 02:45 147,200 ac------ c:\windows\system32\dllcache\smidispb.dll
2009-05-28 02:45 25,034 ac------ c:\windows\system32\dllcache\smcpwr2n.sys
2009-05-28 02:45 35,913 ac------ c:\windows\system32\dllcache\smcirda.sys
2009-05-28 02:45 24,576 ac------ c:\windows\system32\dllcache\smc8000n.sys
2009-05-28 02:45 6,784 ac------ c:\windows\system32\dllcache\smbhc.sys
2009-05-28 02:45 6,912 ac------ c:\windows\system32\dllcache\smbclass.sys
2009-05-28 02:44 16,000 ac------ c:\windows\system32\dllcache\smbbatt.sys
2009-05-28 02:44 45,568 ac------ c:\windows\system32\dllcache\smb3w.dll
2009-05-28 02:44 33,792 ac------ c:\windows\system32\dllcache\smb0w.dll
2009-05-28 02:44 28,672 ac------ c:\windows\system32\dllcache\sma0w.dll
2009-05-28 02:44 28,160 ac------ c:\windows\system32\dllcache\sm91w.dll
2009-05-28 02:44 63,547 ac------ c:\windows\system32\dllcache\sla30nd5.sys
2009-05-28 02:44 91,294 ac------ c:\windows\system32\dllcache\skfpwin.sys
2009-05-28 02:44 94,698 ac------ c:\windows\system32\dllcache\sk98xwin.sys
2009-05-28 02:44 157,696 ac------ c:\windows\system32\dllcache\sisv256.dll
2009-05-28 02:44 50,432 ac------ c:\windows\system32\dllcache\sisv.sys
2009-05-28 02:44 32,768 ac------ c:\windows\system32\dllcache\sisnic.sys
2009-05-28 02:43 238,592 ac------ c:\windows\system32\dllcache\sisgrv.dll
2009-05-28 02:43 104,064 ac------ c:\windows\system32\dllcache\sisgrp.sys
2009-05-28 02:43 150,144 ac------ c:\windows\system32\dllcache\sis6306v.dll
2009-05-28 02:43 68,608 ac------ c:\windows\system32\dllcache\sis6306p.sys
2009-05-28 02:43 252,032 ac------ c:\windows\system32\dllcache\sis300iv.dll
2009-05-28 02:43 101,760 ac------ c:\windows\system32\dllcache\sis300ip.sys
2009-05-28 02:43 161,568 ac------ c:\windows\system32\dllcache\sgsmusb.sys
2009-05-28 02:43 18,400 ac------ c:\windows\system32\dllcache\sgsmld.sys
2009-05-28 02:43 98,080 ac------ c:\windows\system32\dllcache\sgiulnt5.sys
2009-05-28 02:43 386,560 ac------ c:\windows\system32\dllcache\sgiul50.dll
2009-05-28 02:43 36,480 ac------ c:\windows\system32\dllcache\sfmanm.sys
2009-05-28 02:42 6,784 ac------ c:\windows\system32\dllcache\serscan.sys
2009-05-28 02:42 17,664 ac------ c:\windows\system32\dllcache\sermouse.sys
2009-05-28 02:42 6,912 ac------ c:\windows\system32\dllcache\seaddsmc.sys
2009-05-28 02:42 11,520 ac------ c:\windows\system32\dllcache\scsiscan.sys
2009-05-28 02:42 11,648 ac------ c:\windows\system32\dllcache\scsiprnt.sys
2009-05-28 02:42 17,280 ac------ c:\windows\system32\dllcache\scr111.sys
2009-05-28 02:42 16,640 ac------ c:\windows\system32\dllcache\scmstcs.sys
2009-05-28 02:42 23,936 ac------ c:\windows\system32\dllcache\sccmusbm.sys
2009-05-28 02:42 23,936 ac------ c:\windows\system32\dllcache\sccmn50m.sys
2009-05-28 02:42 43,904 ac------ c:\windows\system32\dllcache\sbp2port.sys
2009-05-28 02:42 495,616 ac------ c:\windows\system32\dllcache\sblfx.dll
2009-05-28 02:42 75,392 ac------ c:\windows\system32\dllcache\s3savmxm.sys
2009-05-28 02:40 29,696 ac------ c:\windows\system32\dllcache\rw450ext.dll
2009-05-28 02:40 27,648 ac------ c:\windows\system32\dllcache\rw430ext.dll
2009-05-28 02:40 20,992 ac------ c:\windows\system32\dllcache\rtl8139.sys
2009-05-28 02:40 19,017 ac------ c:\windows\system32\dllcache\rtl8029.sys
2009-05-28 02:40 30,720 ac------ c:\windows\system32\dllcache\rthwcls.sys
2009-05-28 02:40 9,216 ac------ c:\windows\system32\dllcache\rsmgrstr.dll
2009-05-28 02:40 3,840 ac------ c:\windows\system32\dllcache\rpfun.sys
2009-05-28 02:40 79,104 ac------ c:\windows\system32\dllcache\rocket.sys
2009-05-28 02:40 26,880 a----r-- c:\windows\system32\drivers\OLD5E9.tmp
2009-05-28 02:40 37,563 ac------ c:\windows\system32\dllcache\rlnet5.sys
2009-05-28 02:40 86,097 ac------ c:\windows\system32\dllcache\reslog32.dll
2009-05-28 02:39 19,584 ac------ c:\windows\system32\dllcache\rasirda.sys
2009-05-28 02:39 714,762 ac------ c:\windows\system32\dllcache\r2mdmkxx.sys
2009-05-28 02:39 899,146 ac------ c:\windows\system32\dllcache\r2mdkxga.sys
2009-05-28 02:39 41,472 ac------ c:\windows\system32\dllcache\qvusd.dll
2009-05-28 02:39 3,328 ac------ c:\windows\system32\dllcache\qv2kux.sys
2009-05-28 02:39 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys
2009-05-28 02:39 40,448 ac------ c:\windows\system32\dllcache\ql1240.sys
2009-05-28 02:39 45,312 ac------ c:\windows\system32\dllcache\ql12160.sys
2009-05-28 02:39 33,152 ac------ c:\windows\system32\dllcache\ql10wnt.sys
2009-05-28 02:37 121,344 ac------ c:\windows\system32\dllcache\phvfwext.dll
2009-05-28 02:36 30,282 ac------ c:\windows\system32\dllcache\pcntn5hl.sys
2009-05-28 02:35 198,144 ac------ c:\windows\system32\dllcache\nv3.sys
2009-05-28 02:35 123,776 ac------ c:\windows\system32\dllcache\nv3.dll
2009-05-28 02:35 51,552 ac------ c:\windows\system32\dllcache\ntgrip.sys
2009-05-28 02:35 9,344 ac------ c:\windows\system32\dllcache\ntapm.sys
2009-05-28 02:35 7,552 ac------ c:\windows\system32\dllcache\nsmmc.sys
2009-05-28 02:35 28,672 ac------ c:\windows\system32\dllcache\nscirda.sys
2009-05-28 02:35 87,040 ac------ c:\windows\system32\dllcache\nm6wdm.sys
2009-05-28 02:35 126,080 ac------ c:\windows\system32\dllcache\nm5a2wdm.sys
2009-05-28 02:35 32,840 ac------ c:\windows\system32\dllcache\ngrpci.sys
2009-05-28 02:35 132,695 ac------ c:\windows\system32\dllcache\netwlan5.sys
2009-05-28 02:34 65,278 ac------ c:\windows\system32\dllcache\netflx3.sys
2009-05-28 02:34 39,264 ac------ c:\windows\system32\dllcache\neo20xx.sys
2009-05-28 02:34 60,480 ac------ c:\windows\system32\dllcache\neo20xx.dll
2009-05-28 02:34 15,872 ac------ c:\windows\system32\dllcache\ne2000.sys
2009-05-28 02:34 91,488 ac------ c:\windows\system32\dllcache\n9i3disp.dll
2009-05-28 02:34 27,936 ac------ c:\windows\system32\dllcache\n9i3d.sys
2009-05-28 02:34 33,088 ac------ c:\windows\system32\dllcache\n9i128v2.sys
2009-05-28 02:33 59,104 ac------ c:\windows\system32\dllcache\n9i128v2.dll
2009-05-28 02:33 13,664 ac------ c:\windows\system32\dllcache\n9i128.sys
2009-05-28 02:33 35,392 ac------ c:\windows\system32\dllcache\n9i128.dll
2009-05-28 02:33 128,000 ac------ c:\windows\system32\dllcache\n100325.sys
2009-05-28 02:33 52,255 ac------ c:\windows\system32\dllcache\n1000nt5.sys
2009-05-28 02:33 75,520 ac------ c:\windows\system32\dllcache\mxport.sys
2009-05-28 02:33 7,168 ac------ c:\windows\system32\dllcache\mxport.dll
2009-05-28 02:33 19,968 ac------ c:\windows\system32\dllcache\mxnic.sys
2009-05-28 02:33 19,968 ac------ c:\windows\system32\dllcache\mxicfg.dll
2009-05-28 02:33 21,888 ac------ c:\windows\system32\dllcache\mxcard.sys
2009-05-28 02:33 229,439 ac------ c:\windows\system32\dllcache\multibox.dll
2009-05-28 02:33 103,296 ac------ c:\windows\system32\dllcache\mtxvideo.sys
2009-05-28 02:32 49,024 ac------ c:\windows\system32\dllcache\mstape.sys
2009-05-28 02:32 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys
2009-05-28 02:32 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys
2009-05-28 02:32 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys
2009-05-28 02:32 1,875,968 ac------ c:\windows\system32\dllcache\msir3jp.lex
2009-05-28 02:32 98,304 ac------ c:\windows\system32\dllcache\msir3jp.dll
2009-05-28 02:32 35,200 ac------ c:\windows\system32\dllcache\msgame.sys
2009-05-28 02:32 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys
2009-05-28 02:32 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax
2009-05-28 02:32 51,200 ac------ c:\windows\system32\dllcache\msdv.sys
2009-05-28 02:31 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys
2009-05-28 02:31 15,232 ac------ c:\windows\system32\dllcache\mpe.sys
2009-05-28 02:31 6,528 ac------ c:\windows\system32\dllcache\miniqic.sys
2009-05-28 02:31 320,384 ac------ c:\windows\system32\dllcache\mgaum.sys
2009-05-28 02:31 235,648 ac------ c:\windows\system32\dllcache\mgaud.dll
2009-05-28 02:31 26,112 ac------ c:\windows\system32\dllcache\memstpci.sys
2009-05-28 02:31 47,616 ac------ c:\windows\system32\dllcache\memgrp.dll
2009-05-28 02:31 8,320 ac------ c:\windows\system32\dllcache\memcard.sys
2009-05-28 02:31 164,586 ac------ c:\windows\system32\dllcache\mdgndis5.sys
2009-05-28 02:29 4,992 ac------ c:\windows\system32\dllcache\loop.sys
2009-05-28 02:29 70,730 ac------ c:\windows\system32\dllcache\lne100tx.sys
2009-05-28 02:29 20,573 ac------ c:\windows\system32\dllcache\lne100.sys
2009-05-28 02:29 25,065 ac------ c:\windows\system32\dllcache\lmndis3.sys
2009-05-28 02:29 15,744 ac------ c:\windows\system32\dllcache\lit220p.sys
2009-05-28 02:29 34,688 ac------ c:\windows\system32\dllcache\lbrtfdc.sys
2009-05-28 02:29 26,442 ac------ c:\windows\system32\dllcache\lanepic5.sys
2009-05-28 02:29 19,016 ac------ c:\windows\system32\dllcache\ktc111.sys
2009-05-28 02:29 37,376 ac------ c:\windows\system32\dllcache\kousd.dll
2009-05-28 02:29 1,158,818 ac------ c:\windows\system32\dllcache\korwbrkr.lex
2009-05-28 02:29 70,656 ac------ c:\windows\system32\dllcache\korwbrkr.dll
2009-05-28 02:29 253,952 ac------ c:\windows\system32\dllcache\kdsusd.dll
2009-05-28 02:28 48,640 ac------ c:\windows\system32\dllcache\kdsui.dll
2009-05-28 02:28 8,192 ac------ c:\windows\system32\dllcache\kbdkor.dll
2009-05-28 02:28 8,704 ac------ c:\windows\system32\dllcache\kbdjpn.dll
2009-05-28 02:28 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll
2009-05-28 02:28 5,632 ac------ c:\windows\system32\dllcache\kbd103.dll
2009-05-28 02:27 6,144 ac------ c:\windows\system32\dllcache\kbd101c.dll
2009-05-28 02:27 6,144 ac------ c:\windows\system32\dllcache\kbd101b.dll
2009-05-28 02:27 26,624 ac------ c:\windows\system32\dllcache\irstusb.sys
2009-05-28 02:27 18,688 ac------ c:\windows\system32\dllcache\irsir.sys
2009-05-28 02:27 23,552 ac------ c:\windows\system32\dllcache\irmk7.sys
2009-05-28 02:27 88,192 ac------ c:\windows\system32\dllcache\irda.sys
2009-05-28 02:27 45,632 ac------ c:\windows\system32\dllcache\ip5515.sys
2009-05-28 02:27 90,200 ac------ c:\windows\system32\dllcache\io8ports.dll
2009-05-28 02:27 38,784 ac------ c:\windows\system32\dllcache\io8.sys
2009-05-28 02:27 5,504 ac------ c:\windows\system32\dllcache\intelide.sys
2009-05-28 02:27 13,056 ac------ c:\windows\system32\dllcache\inport.sys
2009-05-28 02:26 16,000 ac------ c:\windows\system32\dllcache\ini910u.sys
2009-05-28 02:26 471,102 ac------ c:\windows\system32\dllcache\imskdic.dll
2009-05-28 02:26 59,904 ac------ c:\windows\system32\dllcache\imkrinst.exe
2009-05-28 02:26 45,109 ac------ c:\windows\system32\dllcache\imjpuex.exe
2009-05-28 02:26 57,398 ac------ c:\windows\system32\dllcache\imjpdadm.exe
2009-05-28 02:26 311,359 ac------ c:\windows\system32\dllcache\imepadsv.exe
2009-05-28 02:26 102,463 ac------ c:\windows\system32\dllcache\imepadsm.dll
2009-05-28 02:26 44,032 ac------ c:\windows\system32\dllcache\imekrmig.exe
2009-05-28 02:26 134,339 ac------ c:\windows\system32\dllcache\imekr.lex
2009-05-28 02:26 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll
2009-05-28 02:26 100,992 ac------ c:\windows\system32\dllcache\icam5usb.sys
2009-05-28 02:26 20,480 ac------ c:\windows\system32\dllcache\icam5ext.dll
2009-05-28 02:24 8,576 ac------ c:\windows\system32\dllcache\i2omgmt.sys
2009-05-28 02:24 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll
2009-05-28 02:24 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll
2009-05-28 02:24 488,383 ac------ c:\windows\system32\dllcache\hsf_v124.sys
2009-05-28 02:24 50,751 ac------ c:\windows\system32\dllcache\hsf_tone.sys
2009-05-28 02:24 73,279 ac------ c:\windows\system32\dllcache\hsf_spkp.sys
2009-05-28 02:24 44,863 ac------ c:\windows\system32\dllcache\hsf_soar.sys
2009-05-28 02:24 57,471 ac------ c:\windows\system32\dllcache\hsf_samp.sys
2009-05-28 02:24 542,879 ac------ c:\windows\system32\dllcache\hsf_msft.sys
2009-05-28 02:24 391,199 ac------ c:\windows\system32\dllcache\hsf_k56k.sys
2009-05-28 02:24 9,759 ac------ c:\windows\system32\dllcache\hsf_inst.dll
2009-05-28 02:24 115,807 ac------ c:\windows\system32\dllcache\hsf_fsks.sys
2009-05-28 02:24 199,711 ac------ c:\windows\system32\dllcache\hsf_faxx.sys
2009-05-28 02:22 123,392 ac------ c:\windows\system32\dllcache\hpgt21tk.dll
2009-05-28 02:22 83,968 ac------ c:\windows\system32\dllcache\hpgt21.dll
2009-05-28 02:22 119,296 ac------ c:\windows\system32\dllcache\hpdigwia.dll
2009-05-28 02:22 2,688 ac------ c:\windows\system32\dllcache\hidswvd.sys
2009-05-28 02:22 8,576 ac------ c:\windows\system32\dllcache\hidgame.sys
2009-05-28 02:22 20,352 ac------ c:\windows\system32\dllcache\hidbatt.sys
2009-05-28 02:22 907,456 ac------ c:\windows\system32\dllcache\hcf_msft.sys
2009-05-28 02:22 36,864 ac------ c:\windows\system32\dllcache\hanjadic.dll
2009-05-28 02:22 108,827 ac------ c:\windows\system32\dllcache\hanja.lex
2009-05-28 02:22 28,288 ac------ c:\windows\system32\dllcache\grserial.sys
2009-05-28 02:22 82,304 ac------ c:\windows\system32\dllcache\grclass.sys
2009-05-28 02:22 17,408 ac------ c:\windows\system32\dllcache\gpr400.sys
2009-05-28 02:20 22,090 ac------ c:\windows\system32\dllcache\fem556n5.sys
2009-05-28 02:19 72,192 ac------ c:\windows\system32\dllcache\es1969.sys
2009-05-28 02:18 69,194 ac------ c:\windows\system32\dllcache\el656cd5.sys
2009-05-28 02:17 952,007 ac------ c:\windows\system32\dllcache\diwan.sys
2009-05-28 02:16 110,592 ac------ c:\windows\system32\dllcache\dc260usd.dll
2009-05-28 02:15 21,533 ac------ c:\windows\system32\dllcache\cpqndis5.sys
2009-05-28 02:14 32,256 ac------ c:\windows\system32\dllcache\diapi2NT.dll
2009-05-28 02:13 9,728 ac------ c:\windows\system32\dllcache\brserif.dll
2009-05-28 02:12 137,216 ac------ c:\windows\system32\dllcache\atidrae.dll
2009-05-28 02:11 84,480 ac------ c:\windows\system32\dllcache\ac97via.sys
2009-05-28 02:11 297,728 ac------ c:\windows\system32\dllcache\ac97sis.sys
2009-05-28 02:11 231,552 ac------ c:\windows\system32\dllcache\ac97ali.sys
2009-05-28 02:11 96,256 ac------ c:\windows\system32\dllcache\ac97intc.sys
2009-05-28 02:11 23,552 ac------ c:\windows\system32\dllcache\abp480n5.sys
2009-05-28 02:11 462,848 ac------ c:\windows\system32\dllcache\a3dapi.dll
2009-05-28 02:11 38,400 ac------ c:\windows\system32\dllcache\8514a.dll
2009-05-28 02:11 48,128 ac------ c:\windows\system32\dllcache\61883.sys
2009-05-28 02:11 12,288 ac------ c:\windows\system32\dllcache\4mmdat.sys
2009-05-28 02:11 148,352 ac------ c:\windows\system32\dllcache\3dfxvsm.sys
2009-05-28 02:11 689,216 ac------ c:\windows\system32\dllcache\3dfxvs.dll
2009-05-28 02:11 762,780 ac------ c:\windows\system32\dllcache\3cwmcru.sys
2009-05-28 02:11 11,264 ac------ c:\windows\system32\dllcache\1394vdbg.sys
2009-05-28 02:10 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll
2009-05-26 00:15 182,656 a------- c:\windows\system32\drivers\ndis.sys.fromwork
2009-05-24 18:17 182,656 a------- c:\windows\system32\drivers\ndis.sys.servicepackfiles
2009-05-20 01:02 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-05-20 00:47 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-20 00:47 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-20 00:47 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-20 00:47 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-05-20 00:47 <DIR> --d----- c:\docume~1\turloc~1\applic~1\AVGTOOLBAR
2009-05-20 00:47 <DIR> --d----- c:\program files\AVG
2009-05-20 00:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-05-14 19:17 93,760 a------- c:\windows\system32\drivers\60957e80.sys
2009-05-02 22:37 <DIR> --d----- c:\documents and settings\turloch o'tierney\.lincity
2009-05-01 22:33 413,696 a------- c:\windows\system32\wrap_oal.dll
2009-05-01 22:33 <DIR> --d----- c:\program files\OpenAL
2009-05-01 22:33 110,592 a------- c:\windows\system32\OpenAL32.dll
2009-05-01 22:32 <DIR> --d----- c:\docume~1\turloc~1\applic~1\flightgear.org
2009-05-01 21:56 <DIR> --d----- c:\documents and settings\turloch o'tierney\.crrcsim
2009-04-29 23:21 <DIR> --d----- C:\RALLY
2009-04-29 23:10 146,432 a------- c:\windows\regedit_totierne.exe

==================== Find3M ====================

2009-05-20 07:51 93,308 a------- c:\windows\system32\drivers\73c536ae.sys
2009-05-18 21:57 10,946 a------- c:\docume~1\turloc~1\applic~1\wklnhst.dat
2009-05-15 12:18 65,328 a------- c:\docume~1\turloc~1\applic~1\GDIPFONTCACHEV1.DAT
2009-04-17 20:42 182,656 a------- c:\windows\system32\drivers\ndis.sys
2009-03-06 15:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-06 10:18 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-03 01:18 826,368 a------- c:\windows\system32\wininet.dll

============= FINISH: 1:04:04.12 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:08:26 AM

Posted 29 May 2009 - 11:50 AM

Hi,

I have bad news for you :thumbup2:

I see you're dealing with Virut on top of the other nasty malware you are dealing with. In that case, it's unfortunately a lost case - Game over situation and a format and reinstall is the fastest and especially the safest solution.

You may want to read this why:
Virut and other File infectors - Throwing in the Towel?

So, I suggest you to start backup all of your valuable data/documents/pictures/movies/songs/etc.. Do NOT backup any applications/installers and Do NOT backup any .exe/.scr/.htm/.html/.xml/.zip/.rar files...
This because these files may be infected as well. If you back them up and replace them afterwards, it will infect your computer again.


Read here for instructions how to format and reinstall Windows: http://web.mit.edu/ist/products/winxp/adva...all-format.html
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 totierne

totierne
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:26 AM

Posted 30 May 2009 - 11:59 AM

Hi Thanks for the bad news - I will not shoot the messenger.

The sticking point for going to Linux is peripherals (a lexmark x2250 all in one printer/scanner and digital camera)
I could buy a Linux friendly printer I suppose.

The sticking point for windows is licenses - I am pretty sure I did not get distribution media (just reinstall partition) with this computer
I have a XP distribution from another computer. The other computer now is all linux. What is the story about windows on a virtual machine any additional license issues... I could use a windows virtual machine set up for easy reinstall and still use my existing printer and digital camera, I am light on memory though... (though memory is cheap nowadays).

The joys of computer ownership, not very unusual issues,
I am glad I did not VPN into work from the infected machine. :thumbup2:

Regards,
Turloch

#4 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:08:26 AM

Posted 03 June 2009 - 06:29 AM

I could use a windows virtual machine set up for easy reinstall and still use my existing printer and digital camera

Yes, that sounds like an idea :thumbup2:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:08:26 AM

Posted 15 June 2009 - 10:22 AM

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users