XP Home Security 2012


9 replies to this topic

#1 mtdar


Posted 21 December 2011 - 08:54 PM

Hi all,

I think my computer is infected. I get this XP Home Security 2012 running scans all the time. I can't open Internet Explorer or run Malwarebytes. Any help would be greatly appreciated.

Thanks.



#2 Broni


Posted 21 December 2011 - 09:11 PM

See here: http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012



#3 boopme


Posted 21 December 2011 - 09:17 PM

Hello mtdar and welcome.

Please follow our Removal Guide here: Remove XP Home Security 2012.
After reading how the malware is misleading you ...
You will move to the Automated Removal Instructions.

After you have completed that, post your scan log here and let me know how things are.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Also the other tool log.. A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 mtdar


Posted 22 December 2011 - 11:00 AM

Hi Boopme,

Thanks for the help. Here we are so far.
Internet Explorer and Malwarebytes work now.
The problems that I've noticed are that Windows and Security Essentials won't update now.
The logs are listed below.

Malwarebytes Log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 911122201

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/21/2011 9:53:40 PM
mbam-log-2011-12-21 (21-53-40).txt

Scan type: Full scan (C:\|)
Objects scanned: 212625
Time elapsed: 41 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\Owner\local settings\application data\tyh.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.

TDSSKiller Log:

21:57:48.0250 1108 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
21:57:48.0296 1108 ============================================================
21:57:48.0296 1108 Current date / time: 2011/12/21 21:57:48.0296
21:57:48.0296 1108 SystemInfo:
21:57:48.0296 1108
21:57:48.0296 1108 OS Version: 5.1.2600 ServicePack: 3.0
21:57:48.0296 1108 Product type: Workstation
21:57:48.0296 1108 ComputerName: STEVE-9CDA7BC84
21:57:48.0296 1108 UserName: Owner
21:57:48.0328 1108 Windows directory: C:\WINDOWS
21:57:48.0328 1108 System windows directory: C:\WINDOWS
21:57:48.0328 1108 Processor architecture: Intel x86
21:57:48.0328 1108 Number of processors: 1
21:57:48.0328 1108 Page size: 0x1000
21:57:48.0328 1108 Boot type: Normal boot
21:57:48.0328 1108 ============================================================
21:57:50.0906 1108 Initialize success
21:58:23.0171 0732 ============================================================
21:58:23.0171 0732 Scan started
21:58:23.0171 0732 Mode: Manual;
21:58:23.0171 0732 ============================================================
21:58:44.0125 0732 ============================================================
21:58:44.0125 0732 Scan finished
21:58:44.0125 0732 ============================================================
21:58:44.0156 0320 Detected object count: 0
21:58:44.0156 0320 Actual detected object count: 0
21:59:24.0046 1316 Deinitialize success

Please let me know what's next.
Thanks.
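
Added example, not part of the original thread or of any tool mentioned in it: a small Python parser for the Malwarebytes log layout pasted above. It checks that the top portion (database version, operating system) is present, cross-checks the summary counts against the itemised detections, and lists anything not reported as successfully removed. The sample text is constructed from that log's layout, and the function names are illustrative.

```python
import re

# Constructed sample, abridged from the layout of the MBAM 1.51 log in this thread.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.51.2.1300
Database version: 911122201

Windows 5.1.2600 Service Pack 3

Scan type: Full scan (C:\|)
Objects scanned: 212625

Memory Processes Infected: 0
Registry Values Infected: 1
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Files Infected:
c:\documents and settings\Owner\local settings\application data\tyh.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.
"""

# "Files Infected: 1" is a summary count; "Files Infected:" alone opens a section.
SUMMARY_RE = re.compile(r"^(?P<cat>[A-Za-z ]+ Infected): (?P<n>\d+)$")
SECTION_RE = re.compile(r"^(?P<cat>[A-Za-z ]+ Infected):$")
# "<object> (<detection name>) -> [extra fields ->] <action taken>"
ITEM_RE = re.compile(r"^(?P<obj>.+) \((?P<name>[^()]+)\) -> (?P<rest>.+)$")
# Header lines the helper asks for: database version and operating system.
REQUIRED_HEADER = ("Database version:", "Windows ")


def parse_mbam_log(text):
    """Return (summary counts per category, list of detection records)."""
    summary, detections, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SUMMARY_RE.match(line)
        if m:
            summary[m["cat"]] = int(m["n"])
            section = None
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m["cat"]
            continue
        if section is None or line.startswith("(No malicious"):
            continue
        m = ITEM_RE.match(line)
        if m:
            # The action is always the last "->"-separated field.
            action = m["rest"].split(" -> ")[-1].strip().rstrip(".")
            detections.append({
                "category": section,
                "object": m["obj"],
                "name": m["name"],
                "action": action,
            })
    return summary, detections


def triage(text):
    """Flag an incomplete paste and detections that were not removed."""
    lines = [l.strip() for l in text.splitlines()]
    summary, detections = parse_mbam_log(text)
    found = {}
    for d in detections:
        found[d["category"]] = found.get(d["category"], 0) + 1
    return {
        "total": len(detections),
        # Header lines missing from the paste.
        "missing_header": [h for h in REQUIRED_HEADER
                           if not any(l.startswith(h) for l in lines)],
        # Categories whose itemised entries do not match the summary count,
        # which usually means the paste was cut short.
        "mismatched": sorted(c for c, n in summary.items()
                             if found.get(c, 0) != n),
        # Anything whose action text does not report success.
        "unresolved": [d for d in detections
                       if "successfully" not in d["action"].lower()],
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for key, value in report.items():
        print(key, "=", value)
```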

#5 boopme


Posted 22 December 2011 - 12:49 PM

We need to repair some of Windows' internal registration settings.
  • Please download Dial-A-Fix from one of the following mirrors:
  • Extract the zip file to your desktop.
  • Double click Dial-a-Fix.exe to start the program.
  • Press the green double checkmark box (Looks like this: Posted Image)
  • UNcheck "Empty Temp Folders", as well as "Adjust Time/Date" in the prep section. The prep section should then look like this:
    Posted Image
  • When the window looks like this, press the GO button in the bottom of the window.
    Posted Image
  • Exit/Close Dial-A-Fix


#6 mtdar


Posted 23 December 2011 - 10:33 AM

Hi Boopme,

Thanks for your wonderful assistance. The computer is running much better now.

Happy Holidays.

#7 boopme


Posted 23 December 2011 - 11:12 AM

:santa:
My pleasure...... Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:

#8 tmechanic


Posted 26 December 2011 - 11:30 AM

Boopme, every time I try to download Dial-a-Fix I get a McAfee warning that it is harmful. Should I ignore it or do I have other problems?

Thanks

#9 boopme


Posted 26 December 2011 - 12:39 PM

If you are running XP let it thru....

#10 tmechanic


Posted 26 December 2011 - 09:15 PM

Thanks for the help. With all the problems I've had clearing this mess I wasn't sure.

Don



