Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search engine redirect + Windows (constantly) updating


  • This topic is locked This topic is locked
32 replies to this topic

#1 Nightingale785

Nightingale785

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:03 PM

Posted 16 August 2010 - 06:12 PM

Hey guys,

I'm new to bleepingcomputer.com... I've had a virus or two in the past, but have always been able to get rid of it on my own. This time, I am not so lucky. I am pretty sure I have a TDL3, from what I've read. Symptoms: Google redirect, Windows saying it's updating almost everytime I turn my computer on (although I cannot access the Windows update website), slow computer startup, slow Internet at times, and blocked access to certain sites. In fact, it's not even letting me post my MBAM log to this message board. I tried user GMER in safe mode, but it froze up on me and I haven't tried it again (yet). I also tried TDSSkiller, but it found nothing. I figured I'd post here and find out what I should do next, because I give up trying on my own! tongue.gif

In case you need to know this, I use WindowsXP. And I have tried (in an attempt to find this sucker): AVG, Avira, Microsoft Security Essentials, MBAM, SuperAntiSpyware, SpyBot, ComboFix, and the other ones mentioned above. I found out about ComboFix from a friend, and he did not warn me that I shouldn't run it without the help of an expert. When I came to this site and started poking around, that's when I learned how dangerous ComboFix can be. Hopefully I didn't do any damage by using it "on my own". sigh

Thanks in advance,
Laura

Edited by Nightingale785, 16 August 2010 - 06:36 PM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:03 PM

Posted 19 August 2010 - 08:54 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.
  1. Do not run any other tool untill instructed to do so!
  2. Please Do not Attach logs or put in code boxes.
  3. Tell me about any problems that have occurred during the fix.
  4. Tell me of any other symptoms you may be having as these can help also.
  5. Do not run anything while running a fix.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:
    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    • The application window will appear
    • Click the Disable button to disable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger may ask you to reboot the machine, if it does - click OK
    Do not re-enable these drivers until otherwise instructed.

Download DDS:
    Please download DDS by sUBs from one of the links below and save it to your desktop:


    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.
    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
      • DDS.txt
      • Attach.txt
    • A window will open instructing you save & post the logs
    • Save the logs to a convenient place such as your desktop
    • Copy the contents of both logs & post in your next reply

Scan With RKUnHooker
  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


MBRCheck

Please also download MBRCheck to your desktop
  • Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
  • It will show a Black screen with some data on it
  • a report called MBRcheck will be on your desktop
  • open this report
  • Right click on the screen and select > Select All
  • Press Control+C
  • now please copy that report to this thread


information and logs:
    In your next post I need the following
      1.logs from DDS
      2.log from RKUnHooker
      3. report from MBRchecker
      4.let me know of any problems you may have had

Gringo


I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Nightingale785

Nightingale785
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:03 PM

Posted 19 August 2010 - 08:32 PM

Hi Gringo,

Thanks so much for the reply. No problems have occured thus far, with the actions you've asked me to take. The DDS and RKUnHooker logs are attached as files, and the MBRchecker log is right here:


MBRCheck, version 1.2.3
2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000005c

Kernel Drivers (total 154):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0x8744D000 \WINDOWS\system32\KDCOM.DLL
0xF7925000 \WINDOWS\system32\BOOTVID.dll
0xF73E2000 ACPI.sys
0xF7A11000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF73D1000 pci.sys
0xF7511000 isapnp.sys
0xF7929000 compbatt.sys
0xF792D000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7AD9000 pciide.sys
0xF7791000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7521000 MountMgr.sys
0xF73B2000 ftdisk.sys
0xF738C000 dmio.sys
0xF7799000 PartMgr.sys
0xF7531000 VolSnap.sys
0xF7374000 atapi.sys
0xF7541000 disk.sys
0xF7551000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7354000 fltmgr.sys
0xF7342000 sr.sys
0xF732C000 drvmcdb.sys
0xF7561000 PxHelp20.sys
0xF7315000 KSecDD.sys
0xF7302000 WudfPf.sys
0xF7275000 Ntfs.sys
0xF7248000 NDIS.sys
0xF7571000 ohci1394.sys
0xF7581000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF722E000 Mup.sys
0xF6EE2000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF7A0D000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF6AD9000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xF6AC5000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6A9D000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF6940000 \SystemRoot\system32\DRIVERS\w39n51.sys
0xF7861000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF691C000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7869000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF6ED2000 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
0xF6908000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xF7871000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xF75A1000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0xF68BC000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0xF75B1000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF688D000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF7A2F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF7879000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7881000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF75C1000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7A31000 \SystemRoot\system32\drivers\sscdbhk5.sys
0xF75D1000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF75E1000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF686A000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7889000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xF7BD7000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF75F1000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF71FA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6853000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7601000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7611000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7891000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6842000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7621000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7899000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF78A1000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF6812000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF7631000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7A35000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF67B4000 \SystemRoot\system32\DRIVERS\update.sys
0xF6C66000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF78A9000 \SystemRoot\system32\DRIVERS\omci.sys
0xF76C1000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF187E000 \SystemRoot\system32\drivers\sthda.sys
0xF185A000 \SystemRoot\system32\drivers\portcls.sys
0xF76F1000 \SystemRoot\system32\drivers\drmk.sys
0xF1706000 \SystemRoot\system32\drivers\monfilt.sys
0xF16D4000 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
0xF15D7000 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
0xF1527000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF78F9000 \SystemRoot\System32\Drivers\Modem.SYS
0xEDA7B000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xEE5C5000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7AA7000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xEDA6B000 \SystemRoot\system32\DRIVERS\DcCam.sys
0xB89EE000 \SystemRoot\system32\DRIVERS\EXPORTIT.SYS
0xF7B10000 \SystemRoot\System32\Drivers\Null.SYS
0xF7AA9000 \SystemRoot\System32\Drivers\Beep.SYS
0xED942000 \SystemRoot\system32\drivers\ssrtln.sys
0xED93A000 \SystemRoot\System32\drivers\vga.sys
0xF7ABD000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB8AC4000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF0707000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF06FF000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB6D80000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB4491000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB4438000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB43F4000 \SystemRoot\System32\Drivers\avgtdix.sys
0xB43CE000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB5A6E000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB43A6000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB4384000 \SystemRoot\System32\drivers\afd.sys
0xB5A3E000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF06DF000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xB4359000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB42E9000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB5A1E000 \SystemRoot\System32\Drivers\Fips.SYS
0xB42C7000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF018D000 \SystemRoot\System32\Drivers\avgmfx86.sys
0xB4293000 \SystemRoot\System32\Drivers\avgldx86.sys
0xF7A8B000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0xB9B14000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB427B000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB5547000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB8A14000 \SystemRoot\System32\drivers\Dxapi.sys
0xEE154000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xB989F000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF054000 \SystemRoot\System32\ati2cqag.dll
0xBF08E000 \SystemRoot\System32\atikvmag.dll
0xBF0C4000 \SystemRoot\System32\ati3duag.dll
0xBF32B000 \SystemRoot\System32\ativvaxx.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB2266000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xB4D6F000 \SystemRoot\system32\drivers\drvnddm.sys
0xB4D5F000 \SystemRoot\system32\drivers\dcfs2k.sys
0xB98A3000 \SystemRoot\system32\dla\tfsndres.sys
0xB2250000 \SystemRoot\system32\dla\tfsnifs.sys
0xEE5B9000 \SystemRoot\system32\dla\tfsnopio.sys
0xF7AB9000 \SystemRoot\system32\dla\tfsnpool.sys
0xB8A6A000 \SystemRoot\system32\dla\tfsnboio.sys
0xB4D4F000 \SystemRoot\system32\dla\tfsncofs.sys
0xB98A0000 \SystemRoot\system32\dla\tfsndrct.sys
0xB2237000 \SystemRoot\system32\dla\tfsnudf.sys
0xB221E000 \SystemRoot\system32\dla\tfsnudfa.sys
0xF78C1000 \SystemRoot\system32\DRIVERS\AegisP.sys
0xB21F6000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xB20FA000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB1FE9000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF7A49000 \SystemRoot\System32\Drivers\ASCTRM.SYS
0xB1F0C000 \SystemRoot\system32\drivers\wdmaud.sys
0xB5A5E000 \SystemRoot\system32\drivers\sysaudio.sys
0xB1DA7000 \SystemRoot\system32\drivers\ctusfsyn.sys
0xB1D77000 \SystemRoot\system32\DRIVERS\ctoss2k.sys
0xB1D29000 \SystemRoot\system32\DRIVERS\ctsfm2k.sys
0xB1ED0000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xB1AC2000 \SystemRoot\system32\DRIVERS\srv.sys
0xF78B9000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB0B37000 \SystemRoot\System32\Drivers\HTTP.sys
0xB046A000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 67):
0 System Idle Process
4 System
772 C:\WINDOWS\system32\smss.exe
836 csrss.exe
864 C:\WINDOWS\system32\winlogon.exe
920 C:\WINDOWS\system32\services.exe
932 C:\WINDOWS\system32\lsass.exe
1144 C:\WINDOWS\system32\ati2evxx.exe
1164 C:\WINDOWS\system32\svchost.exe
1272 svchost.exe
1336 C:\WINDOWS\system32\svchost.exe
1392 C:\WINDOWS\system32\svchost.exe
1432 C:\Program Files\AVG\AVG9\avgchsvx.exe
1440 C:\Program Files\AVG\AVG9\avgrsx.exe
1496 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
1568 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
1608 C:\Program Files\AVG\AVG9\avgcsrvx.exe
1648 C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
236 svchost.exe
280 svchost.exe
528 C:\WINDOWS\system32\spoolsv.exe
600 C:\Program Files\Avira\AntiVir Desktop\sched.exe
676 svchost.exe
764 C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
832 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1668 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
176 C:\Program Files\AVG\AVG9\avgwdsvc.exe
244 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
596 C:\Program Files\Bonjour\mDNSResponder.exe
1504 C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
1644 C:\WINDOWS\system32\ati2evxx.exe
2064 C:\WINDOWS\system32\CTSVCCDA.EXE
2424 C:\WINDOWS\system32\drivers\KodakCCS.exe
2568 C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
2608 C:\Program Files\AVG\AVG9\avgnsx.exe
3232 C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
3240 C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
3248 C:\WINDOWS\stsystra.exe
3256 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3284 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
3360 C:\Program Files\Dell\Media Experience\PCMService.exe
3368 C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
3376 C:\WINDOWS\system32\rundll32.exe
3436 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
3456 C:\Program Files\Real\RealPlayer\realplay.exe
3480 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
3496 C:\WINDOWS\system32\dla\tfswctrl.exe
3528 C:\PROGRA~1\AVG\AVG9\avgtray.exe
3556 C:\Program Files\iTunes\iTunesHelper.exe
3572 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
3580 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
3596 C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
3632 C:\WINDOWS\system32\ctfmon.exe
3700 C:\WINDOWS\system32\ScsiAccess.EXE
3816 C:\DOCUME~1\Laura\LOCALS~1\temp\clclean.0001
184 C:\WINDOWS\system32\svchost.exe
1088 C:\Program Files\Viewpoint\Common\ViewpointService.exe
1740 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
704 alg.exe
656 C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
4216 C:\Program Files\iPod\bin\iPodService.exe
4764 C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
4520 C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
2132 C:\WINDOWS\explorer.exe
4032 C:\Program Files\Internet Explorer\iexplore.exe
5060 C:\WINDOWS\system32\wscntfy.exe
4616 C:\Documents and Settings\Laura\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02f10c00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000d`30f1d000 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: ST98823AS, Rev: 8.03
PhysicalDrive1 Model Number: WDC WD1200UE-00KVT0, Rev:

Size Device Name MBR Status
--------------------------------------------
73 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 00DE15F269E1E9C528E56095C709511D6E38CCD0
111 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: 2BE9ACE700A45722604874D4A10E3B6A212931F3


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:



Thanks,
Laura

Attached Files


Edited by Nightingale785, 19 August 2010 - 08:34 PM.


#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:03 PM

Posted 19 August 2010 - 09:12 PM

thank you

gringo

Edited by gringo_pr, 20 August 2010 - 12:11 PM.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Nightingale785

Nightingale785
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:03 PM

Posted 20 August 2010 - 06:38 AM

Here ya go! Both are attached as files...

Edited by gringo_pr, 20 August 2010 - 12:13 PM.


#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:03 PM

Posted 20 August 2010 - 12:02 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:
    Please visit this webpage for download links, and instructions for running the tool:

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    Please ensure you read this guide carefully and install the Recovery Console first.

    The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode.
    This allows us to more easily help you should your computer have a problem after an attempted removal of malware.
    It is a simple procedure that will only take a few moments of your time.


    Once installed, you should see a blue screen prompt that says:
      The Recovery Console was successfully installed.
    Please continue as follows:
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Click Yes to allow ComboFix to continue scanning for malware.

    When the tool is finished, it will produce a report for you.

    Please include the report in your next post:

    C:\ComboFix.txt

"information and logs"
    In your next post I need the following
    1. Log from Combofix
    2. let me know of any problems you may have had
    3. How is the computer doing now?

Gringo



I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 Nightingale785

Nightingale785
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:03 PM

Posted 21 August 2010 - 08:01 AM

Hi Gringo,

Attached is the ComboFix log... I had no problems during the process, but the problems are all still there. Windows saying it's updating every few hours (even though I still can't access the site), random IE windows opening, and sometimes being routed to random sites when I do a Google search.

I WILL say though that within the past few days, the problem has been better than it was when I first posted here. Windows startup speed and Internet speed have both increased some. But like I said, the Google redirect and Windows update thing is still there...hasn't changed a bit.

Let me know what you think I should try next, thanks!

Laura

Attached Files



#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:03 PM

Posted 21 August 2010 - 12:20 PM

Hello

Here is what we need to do next

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Nightingale785

Nightingale785
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:03 PM

Posted 21 August 2010 - 12:29 PM

Gringo, I've copied and pasted the results of the TDSSkiller. It found no threats. I've also attached the log, in case you prefer to view it that way.




2010/08/21 13:26:02.0203 TDSS rootkit removing tool 2.4.1.2 Aug 16 2010 09:46:23
2010/08/21 13:26:02.0203 ================================================================================
2010/08/21 13:26:02.0203 SystemInfo:
2010/08/21 13:26:02.0203
2010/08/21 13:26:02.0203 OS Version: 5.1.2600 ServicePack: 3.0
2010/08/21 13:26:02.0203 Product type: Workstation
2010/08/21 13:26:02.0203 ComputerName: LAURA-LAPTOP
2010/08/21 13:26:02.0203 UserName: Laura
2010/08/21 13:26:02.0203 Windows directory: C:\WINDOWS
2010/08/21 13:26:02.0203 System windows directory: C:\WINDOWS
2010/08/21 13:26:02.0203 Processor architecture: Intel x86
2010/08/21 13:26:02.0203 Number of processors: 2
2010/08/21 13:26:02.0203 Page size: 0x1000
2010/08/21 13:26:02.0203 Boot type: Normal boot
2010/08/21 13:26:02.0203 ================================================================================
2010/08/21 13:26:02.0859 Initialize success
2010/08/21 13:26:06.0421 ================================================================================
2010/08/21 13:26:06.0421 Scan started
2010/08/21 13:26:06.0421 Mode: Manual;
2010/08/21 13:26:06.0421 ================================================================================
2010/08/21 13:26:09.0875 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2010/08/21 13:26:09.0937 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/08/21 13:26:09.0968 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/08/21 13:26:10.0015 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2010/08/21 13:26:10.0078 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/08/21 13:26:10.0125 AegisP (12dafd934641dcf61e446313bc261ec2) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2010/08/21 13:26:10.0171 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/08/21 13:26:10.0234 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/08/21 13:26:10.0250 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2010/08/21 13:26:10.0312 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2010/08/21 13:26:10.0328 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2010/08/21 13:26:10.0359 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2010/08/21 13:26:10.0390 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2010/08/21 13:26:10.0421 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2010/08/21 13:26:10.0453 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2010/08/21 13:26:10.0468 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2010/08/21 13:26:10.0546 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/08/21 13:26:10.0562 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2010/08/21 13:26:10.0593 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2010/08/21 13:26:10.0609 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2010/08/21 13:26:10.0671 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2010/08/21 13:26:10.0734 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/08/21 13:26:10.0796 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/08/21 13:26:10.0921 ati2mtag (bebeb471617782d138b6f92e7c3fab1c) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2010/08/21 13:26:11.0078 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/08/21 13:26:11.0093 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/08/21 13:26:11.0203 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2010/08/21 13:26:11.0312 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\System32\Drivers\avgldx86.sys
2010/08/21 13:26:11.0328 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\System32\Drivers\avgmfx86.sys
2010/08/21 13:26:11.0359 avgntflt (a88d29d928ad2b830e87b53e3f9bc182) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2010/08/21 13:26:11.0406 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\System32\Drivers\avgtdix.sys
2010/08/21 13:26:11.0437 avipbb (1289e9a5d9118a25a13c0009519088e3) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2010/08/21 13:26:11.0500 bcm4sbxp (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
2010/08/21 13:26:11.0531 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/08/21 13:26:11.0796 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2010/08/21 13:26:11.0812 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/08/21 13:26:11.0859 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/08/21 13:26:11.0921 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2010/08/21 13:26:11.0968 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/08/21 13:26:12.0015 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/08/21 13:26:12.0046 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/08/21 13:26:12.0125 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2010/08/21 13:26:12.0171 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2010/08/21 13:26:12.0218 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2010/08/21 13:26:12.0250 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2010/08/21 13:26:12.0312 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
2010/08/21 13:26:12.0390 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
2010/08/21 13:26:12.0453 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2010/08/21 13:26:12.0484 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2010/08/21 13:26:12.0531 DcCam (30e4c5de753616ba1243a05a4ff5aad2) C:\WINDOWS\system32\DRIVERS\DcCam.sys
2010/08/21 13:26:12.0578 DcFpoint (a444074caaccc2e794d2e5f93d2679ee) C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
2010/08/21 13:26:12.0625 DCFS2K (6e770432a09617ca74cb0525edf06ef3) C:\WINDOWS\system32\drivers\dcfs2k.sys
2010/08/21 13:26:12.0656 DcLps (89977377aa94d71c1dde3a82d23223cc) C:\WINDOWS\system32\DRIVERS\DcLps.sys
2010/08/21 13:26:12.0687 DcPTP (ce0ae71bb5a092d5bb0b298d5bc7a208) C:\WINDOWS\system32\DRIVERS\DcPTP.sys
2010/08/21 13:26:12.0734 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/08/21 13:26:12.0812 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/08/21 13:26:12.0921 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/08/21 13:26:12.0968 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/08/21 13:26:13.0031 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/08/21 13:26:13.0093 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2010/08/21 13:26:13.0125 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/08/21 13:26:13.0156 drvmcdb (96bc8f872f0270c10edc3931f1c03776) C:\WINDOWS\system32\drivers\drvmcdb.sys
2010/08/21 13:26:13.0218 drvnddm (5afbec7a6ac61b211633dfdb1d9e0c89) C:\WINDOWS\system32\drivers\drvnddm.sys
2010/08/21 13:26:13.0281 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/08/21 13:26:13.0343 Exportit (80fb249def6f5a157b531349e71cc6ac) C:\WINDOWS\system32\DRIVERS\exportit.sys
2010/08/21 13:26:13.0406 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/08/21 13:26:13.0453 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/08/21 13:26:13.0500 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/08/21 13:26:13.0546 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/08/21 13:26:13.0593 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/08/21 13:26:13.0656 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/08/21 13:26:13.0703 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/08/21 13:26:13.0734 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2010/08/21 13:26:13.0781 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/08/21 13:26:13.0843 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/08/21 13:26:13.0890 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/08/21 13:26:13.0937 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2010/08/21 13:26:14.0015 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2010/08/21 13:26:14.0078 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2010/08/21 13:26:14.0218 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/08/21 13:26:14.0265 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2010/08/21 13:26:14.0312 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2010/08/21 13:26:14.0359 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/08/21 13:26:14.0375 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/08/21 13:26:14.0437 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2010/08/21 13:26:14.0484 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/08/21 13:26:14.0531 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/08/21 13:26:14.0578 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/08/21 13:26:14.0625 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/08/21 13:26:14.0671 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/08/21 13:26:14.0718 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/08/21 13:26:14.0765 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/08/21 13:26:14.0812 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/08/21 13:26:14.0843 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/08/21 13:26:14.0875 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/08/21 13:26:14.0890 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/08/21 13:26:14.0921 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/08/21 13:26:15.0031 LVPrcMon (4fd5a6335fb4fc1f758088b2f90613fe) C:\WINDOWS\system32\drivers\LVPrcMon.sys
2010/08/21 13:26:15.0125 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2010/08/21 13:26:15.0156 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/08/21 13:26:15.0218 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/08/21 13:26:15.0328 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
2010/08/21 13:26:15.0437 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/08/21 13:26:15.0484 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/08/21 13:26:15.0515 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/08/21 13:26:15.0578 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/08/21 13:26:15.0625 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/08/21 13:26:15.0687 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/08/21 13:26:15.0750 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/08/21 13:26:15.0812 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/08/21 13:26:15.0843 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/08/21 13:26:15.0859 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/08/21 13:26:15.0906 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/08/21 13:26:15.0937 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/08/21 13:26:15.0984 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/08/21 13:26:16.0015 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/08/21 13:26:16.0078 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/08/21 13:26:16.0109 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/08/21 13:26:16.0140 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/08/21 13:26:16.0171 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/08/21 13:26:16.0203 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/08/21 13:26:16.0218 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/08/21 13:26:16.0265 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/08/21 13:26:16.0296 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/08/21 13:26:16.0359 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/08/21 13:26:16.0390 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/08/21 13:26:16.0468 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/08/21 13:26:16.0578 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/08/21 13:26:16.0671 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/08/21 13:26:16.0812 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/08/21 13:26:16.0843 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/08/21 13:26:16.0906 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/08/21 13:26:16.0921 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
2010/08/21 13:26:16.0984 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
2010/08/21 13:26:17.0046 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/08/21 13:26:17.0093 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/08/21 13:26:17.0140 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/08/21 13:26:17.0187 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/08/21 13:26:17.0250 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/08/21 13:26:17.0296 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/08/21 13:26:17.0406 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2010/08/21 13:26:17.0453 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2010/08/21 13:26:17.0531 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/08/21 13:26:17.0562 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/08/21 13:26:17.0625 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/08/21 13:26:17.0671 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/08/21 13:26:17.0734 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2010/08/21 13:26:17.0765 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2010/08/21 13:26:17.0796 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2010/08/21 13:26:17.0812 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2010/08/21 13:26:17.0859 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2010/08/21 13:26:17.0890 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/08/21 13:26:17.0968 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/08/21 13:26:18.0000 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/08/21 13:26:18.0062 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/08/21 13:26:18.0109 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/08/21 13:26:18.0140 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/08/21 13:26:18.0203 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/08/21 13:26:18.0250 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/08/21 13:26:18.0296 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/08/21 13:26:18.0359 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2010/08/21 13:26:18.0390 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2010/08/21 13:26:18.0421 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
2010/08/21 13:26:18.0484 s24trans (2e4e912ce95f5ef4d4a5079f6ce367fc) C:\WINDOWS\system32\DRIVERS\s24trans.sys
2010/08/21 13:26:18.0546 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2010/08/21 13:26:18.0609 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/08/21 13:26:18.0671 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/08/21 13:26:18.0718 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/08/21 13:26:18.0781 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2010/08/21 13:26:18.0796 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2010/08/21 13:26:18.0812 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/08/21 13:26:18.0875 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2010/08/21 13:26:18.0906 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/08/21 13:26:18.0953 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2010/08/21 13:26:18.0984 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2010/08/21 13:26:19.0015 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/08/21 13:26:19.0078 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/08/21 13:26:19.0125 Srv (da852e3e0bf1cea75d756f9866241e57) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/08/21 13:26:19.0156 sscdbhk5 (98625722ad52b40305e74aaa83c93086) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2010/08/21 13:26:19.0187 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2010/08/21 13:26:19.0203 ssrtln (d79412e3942c8a257253487536d5a994) C:\WINDOWS\system32\drivers\ssrtln.sys
2010/08/21 13:26:19.0312 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
2010/08/21 13:26:19.0437 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/08/21 13:26:19.0468 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/08/21 13:26:19.0500 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/08/21 13:26:19.0562 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2010/08/21 13:26:19.0593 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2010/08/21 13:26:19.0625 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2010/08/21 13:26:19.0640 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2010/08/21 13:26:19.0718 SynTP (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2010/08/21 13:26:19.0765 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/08/21 13:26:19.0843 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/08/21 13:26:19.0906 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/08/21 13:26:19.0937 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/08/21 13:26:19.0968 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/08/21 13:26:20.0078 tfsnboio (d0177776e11b0b3f272eebd262a69661) C:\WINDOWS\system32\dla\tfsnboio.sys
2010/08/21 13:26:20.0109 tfsncofs (599804bc938b8305a5422319774da871) C:\WINDOWS\system32\dla\tfsncofs.sys
2010/08/21 13:26:20.0125 tfsndrct (a1902c00adc11c4d83f8e3ed947a6a32) C:\WINDOWS\system32\dla\tfsndrct.sys
2010/08/21 13:26:20.0140 tfsndres (d8ddb3f2b1bef15cff6728d89c042c61) C:\WINDOWS\system32\dla\tfsndres.sys
2010/08/21 13:26:20.0171 tfsnifs (c4f2dea75300971cdaee311007de138d) C:\WINDOWS\system32\dla\tfsnifs.sys
2010/08/21 13:26:20.0203 tfsnopio (272925be0ea919f08286d2ee6f102b0f) C:\WINDOWS\system32\dla\tfsnopio.sys
2010/08/21 13:26:20.0218 tfsnpool (7b7d955e5cebc2fb88b03ef875d52a2f) C:\WINDOWS\system32\dla\tfsnpool.sys
2010/08/21 13:26:20.0265 tfsnudf (e3d01263109d800c1967c12c10a0b018) C:\WINDOWS\system32\dla\tfsnudf.sys
2010/08/21 13:26:20.0296 tfsnudfa (b9e9c377906e3a65bc74598fff7f7458) C:\WINDOWS\system32\dla\tfsnudfa.sys
2010/08/21 13:26:20.0359 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2010/08/21 13:26:20.0406 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/08/21 13:26:20.0437 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2010/08/21 13:26:20.0500 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/08/21 13:26:20.0562 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/08/21 13:26:20.0640 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/08/21 13:26:20.0687 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/08/21 13:26:20.0718 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/08/21 13:26:20.0750 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/08/21 13:26:20.0781 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/08/21 13:26:20.0812 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/08/21 13:26:20.0859 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/08/21 13:26:20.0875 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/08/21 13:26:20.0937 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/08/21 13:26:20.0984 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2010/08/21 13:26:21.0031 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2010/08/21 13:26:21.0062 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/08/21 13:26:21.0203 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
2010/08/21 13:26:21.0343 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/08/21 13:26:21.0421 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/08/21 13:26:21.0515 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2010/08/21 13:26:21.0671 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2010/08/21 13:26:21.0703 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/08/21 13:26:21.0765 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/08/21 13:26:21.0828 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/08/21 13:26:21.0890 ================================================================================
2010/08/21 13:26:21.0890 Scan finished
2010/08/21 13:26:21.0890 ================================================================================
2010/08/21 13:26:49.0000 Deinitialize success

Attached Files


Edited by Nightingale785, 21 August 2010 - 12:29 PM.


#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:03 PM

Posted 21 August 2010 - 01:29 PM

Greetings

Print out these instructions to use while in the Recovery Console:
    1.Restart your computer.
    2.Before Windows loads, you will be prompted to choose which Operating System to start.
    3.Use the up and down arrow key to select Microsoft Windows Recovery Console
    4.You must enter which Windows installation to log onto. Type 1 and press 'Enter'.
    5.At the C:\Windows prompt, type the following bolded entries, and press 'Enter'
      fixmbr
Now I would like you to rerun this program for me

MBRCheck

Please also download MBRCheck to your desktop
  • Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
  • It will show a Black screen with some data on it
  • a report called MBRcheck will be on your desktop
  • open this report
  • Right click on the screen and select > Select All
  • Press Control+C
  • now please copy that report to this thread
Let me know of any problems and the status of the computer

Gringo

Edited by gringo_pr, 21 August 2010 - 01:30 PM.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 Nightingale785

Nightingale785
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:03 PM

Posted 21 August 2010 - 03:21 PM

Problem: I was able to do steps 1-3 for the Recovery Console; however, when it is "Starting Windows Recovery Console", it stays on that screen indefinitely. Is it supposed to take an hour or more to get to step 4 in your instructions? Because that's how long I let it sit there, before finally restarting my computer again. I don't have a log for you since I was unable to do the 'fixmbr'.

What should I do? Is there another way to get into the Recovery Console?

Thanks.

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:03 PM

Posted 21 August 2010 - 03:30 PM

Burn recovery console cd
  • Download recovery_console_cd.zip file to your drive and extract it to its own folder (c:\recoverycd for example).
  • Download floppy disk setup package xp Pro for your operating system (XP Pro) and save it to the folder you extracted the zip to.
  • Rename the floppy disk setup package to Bootdisk.exe.
  • Insert a blank cd into your burner.
  • Double-click the RecoveryCD.bat file and follow the prompts to burn a cd that will allow you to boot to the recovery console.

Boot into recovery console
  • insert the cd that we made into cd player
  • restart the computer
  • screen will say "Windows set up" just wait
  • at the welcome screen press "R"
  • type 1 to enter c:\windows
  • type in the following and press enter
    • fixmbr

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 Nightingale785

Nightingale785
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:03 PM

Posted 21 August 2010 - 03:58 PM

Am I supposed to still do steps 1-3 of your previous instructions, and then wait for the setup screen again? Or should I just restart (letting it go to normal mode) and wait for the computer to read the disc??

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:03 PM

Posted 21 August 2010 - 04:18 PM

restart and let the computer read the disc
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 Nightingale785

Nightingale785
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:03 PM

Posted 21 August 2010 - 06:06 PM

I'm not sure if it's something I'm doing wrong, but I don't believe this is working. I was able to download everything and make the CD, but when I restart, it never reads the disc. I made 2 disks too, thinking the first one was scratched or unreadable. It just restarts normally into my Windows, and my desktop shows up, and nothing is ever prompted to run. I did not see a screen that says "Windows set up", but when it got to the Welcome screen (where I normally put my password in), I still pressed "R" just in case...and like I said, nothing happened. sad.gif Now what?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users