Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

IE Browser Windows Pop Up Randomly

Started by joesalez , Dec 21 2010 09:38 AM

  • Please log in to reply

#1
joesalez
Posted 21 December 2010 - 09:38 AM

joesalez

    Member

  • Member
  • PipPip
  • 12 posts
A virus infected my computer on Sunday Dec. 19, 2010. I have PC Doctor installed but I had it disabled due to the fact it slows my computer down tremendously at times (dumb me, I know!)

The virus was one that kept saying my computer was infected and I needed to buy Registry Defender. Also, IE windows kept opening up on their own with websites I didn't type in (nothing bad, just odd sites, well, odd to me, like the Jacksonville News, etc.)

I downloaded TFC by Old Timer and Malwarebytes' Anti-Malware, ran them both, saw they found some bad stuff, removed everything and rebooted my computer. Everything seemed to work fine, but I still get random IE windows opening (about 1 every 2-3 hours) and I get an error message (also about every 2-3 hours) saying something like "generic host process for win32 reporting" error.

I have enabled PC Doctor, ran a full scan, deleted some minor items, reran TFC and Malwarebytes', but I'm still getting the same popup windows and error report.

One last bit of info - I don't know if this is related in any way, but the fan in my CPU is running a lot in the past day or so. The box doesn't feel warm, but it sounds like it's about to explode! I turned my computer off for a little bit, but it still sounds like it is running hot, or at the least, working overtime!

Thanks for any help I get.

Everytime I ran TFC, it automatically rebooted my computer when it was finished. There weren't any logs. When I've ran Malwarebytes', there are logs. I've ran it several times since Sunday and here are the logs:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5359

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/19/2010 6:21:39 PM
mbam-log-2010-12-19 (18-21-39).txt

Scan type: Quick scan
Objects scanned: 139246
Time elapsed: 8 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F02FABCB-92DD-475A-98AF-14217BD50746} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RapportMgmtService.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RapportService.exe (Security.Hijack) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\huojjdgg (Rogue.AntivirusSuite.Gen) -> Value: huojjdgg -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{21646710-A5E8-C4AA-2EA7-6BBB062D1011} (Trojan.ZbotR.Gen) -> Value: {21646710-A5E8-C4AA-2EA7-6BBB062D1011} -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\Owner\application data\Adobe\plugs\kb278916906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Owner\application data\Adobe\plugs\kb278969421.exe (Trojan.Agent) -> Quarantined and deleted successfully.

-------------------------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5360

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/20/2010 8:50:32 AM
mbam-log-2010-12-20 (08-50-32).txt

Scan type: Full scan (C:\|)
Objects scanned: 215377
Time elapsed: 1 hour(s), 31 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\all users\application data\iokmh06501\iokmh06501.exe (Rogue.SystemTool) -> Quarantined and deleted successfully.
c:\documents and settings\Owner\Desktop\backup other computers\DELL PC\my documents\Desktop.exe (Joke.Stressreducer) -> Quarantined and deleted successfully.

-------------------------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5360

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/21/2010 1:04:23 AM
mbam-log-2010-12-21 (01-04-23).txt

Scan type: Full scan (C:\|)
Objects scanned: 203291
Time elapsed: 1 hour(s), 38 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements

#2
joesalez
Posted 21 December 2010 - 11:37 AM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Here is the exact error reporting message I have been getting:

Generic Host Process for Win32 Services

Error Signature

szAppName : svchost.exe szAppVer : 5.1.2600.5512 szModName : ntdll.dll
szModVer : 5.1.2600.5755 offset : 00023845

Error Report Contents: The following will be included in this error report:

c:\DOCUME=1\Owner\LOCALS=1\TEMP\WER660a.dir00\svchost.exe.mdmp
c:\DOCUME=1\Owner\LOCALS=1\TEMP\WER660a.dir00\appcompat.txt

(Note from Joesalez: The equals sign (=) above should actually be a squiggly sign but I don't know how to insert it.)
  • 0

#3
joesalez
Posted 21 December 2010 - 11:39 AM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
As soon as I finished typing in the previous reply, a new browser window opened and told me I had a virus. Here is the website address that was in the browser window:

http://pcspeedmaximi....com/index.html
  • 0

#4
joesalez
Posted 21 December 2010 - 03:45 PM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I found another post similar to mine and the tech said to run the following 4 programs and post the log results. (I will post the log results in 4 separate replies):

TDSSKiller:

2010/12/21 14:02:09.0218 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2010/12/21 14:02:09.0218 ================================================================================
2010/12/21 14:02:09.0218 SystemInfo:
2010/12/21 14:02:09.0218
2010/12/21 14:02:09.0218 OS Version: 5.1.2600 ServicePack: 3.0
2010/12/21 14:02:09.0218 Product type: Workstation
2010/12/21 14:02:09.0218 ComputerName: GAMEROOM
2010/12/21 14:02:09.0218 UserName: Owner
2010/12/21 14:02:09.0218 Windows directory: C:\windows
2010/12/21 14:02:09.0218 System windows directory: C:\windows
2010/12/21 14:02:09.0218 Processor architecture: Intel x86
2010/12/21 14:02:09.0234 Number of processors: 1
2010/12/21 14:02:09.0234 Page size: 0x1000
2010/12/21 14:02:09.0234 Boot type: Normal boot
2010/12/21 14:02:09.0234 ================================================================================
2010/12/21 14:02:15.0296 Initialize success
2010/12/21 14:02:18.0484 ================================================================================
2010/12/21 14:02:18.0484 Scan started
2010/12/21 14:02:18.0484 Mode: Manual;
2010/12/21 14:02:18.0484 ================================================================================
2010/12/21 14:02:21.0343 ACPI (8fd99680a539792a30e97944fdaecf17) C:\windows\system32\DRIVERS\ACPI.sys
2010/12/21 14:02:21.0468 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\windows\system32\drivers\ACPIEC.sys
2010/12/21 14:02:21.0640 aec (8bed39e3c35d6a489438b8141717a557) C:\windows\system32\drivers\aec.sys
2010/12/21 14:02:21.0750 AFD (7e775010ef291da96ad17ca4b17137d7) C:\windows\System32\drivers\afd.sys
2010/12/21 14:02:22.0109 AN983 (116bff96077a4a724e0aab800525ceb5) C:\windows\system32\DRIVERS\AN983.sys
2010/12/21 14:02:22.0359 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\windows\system32\DRIVERS\asyncmac.sys
2010/12/21 14:02:22.0484 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\windows\system32\DRIVERS\atapi.sys
2010/12/21 14:02:22.0609 Atmarpc (9916c1225104ba14794209cfa8012159) C:\windows\system32\DRIVERS\atmarpc.sys
2010/12/21 14:02:22.0750 audstub (d9f724aa26c010a217c97606b160ed68) C:\windows\system32\DRIVERS\audstub.sys
2010/12/21 14:02:22.0859 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\windows\system32\drivers\Beep.sys
2010/12/21 14:02:23.0031 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\windows\system32\DRIVERS\BrScnUsb.sys
2010/12/21 14:02:23.0156 BrSerIf (c121e10c64318182a6478acae1855ee0) C:\windows\system32\Drivers\BrSerIf.sys
2010/12/21 14:02:23.0265 BrUsbSer (7ac85cdc03befd78908b3b6a73d201d0) C:\windows\system32\Drivers\BrUsbSer.sys
2010/12/21 14:02:23.0359 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\windows\system32\drivers\cbidf2k.sys
2010/12/21 14:02:23.0546 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\windows\system32\drivers\Cdaudio.sys
2010/12/21 14:02:23.0640 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\windows\system32\drivers\Cdfs.sys
2010/12/21 14:02:23.0750 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\windows\system32\DRIVERS\cdrom.sys
2010/12/21 14:02:24.0203 Disk (044452051f3e02e7963599fc8f4f3e25) C:\windows\system32\DRIVERS\disk.sys
2010/12/21 14:02:24.0359 dmboot (d992fe1274bde0f84ad826acae022a41) C:\windows\system32\drivers\dmboot.sys
2010/12/21 14:02:24.0531 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\windows\system32\drivers\dmio.sys
2010/12/21 14:02:24.0656 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\windows\system32\drivers\dmload.sys
2010/12/21 14:02:24.0812 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\windows\system32\drivers\DMusic.sys
2010/12/21 14:02:25.0031 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\windows\system32\DRIVERS\Dot4.sys
2010/12/21 14:02:25.0171 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\windows\system32\DRIVERS\Dot4Prt.sys
2010/12/21 14:02:25.0218 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\windows\system32\DRIVERS\dot4usb.sys
2010/12/21 14:02:25.0359 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\windows\system32\drivers\drmkaud.sys
2010/12/21 14:02:25.0484 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\windows\system32\DRIVERS\e100b325.sys
2010/12/21 14:02:25.0656 Fastfat (38d332a6d56af32635675f132548343e) C:\windows\system32\drivers\Fastfat.sys
2010/12/21 14:02:25.0781 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\windows\system32\drivers\Fdc.sys
2010/12/21 14:02:25.0875 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\windows\system32\drivers\Fips.sys
2010/12/21 14:02:26.0015 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\windows\system32\drivers\Flpydisk.sys
2010/12/21 14:02:26.0078 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\windows\system32\drivers\fltmgr.sys
2010/12/21 14:02:26.0312 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\windows\system32\drivers\Fs_Rec.sys
2010/12/21 14:02:26.0625 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\windows\system32\DRIVERS\ftdisk.sys
2010/12/21 14:02:26.0750 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\windows\system32\DRIVERS\msgpc.sys
2010/12/21 14:02:26.0859 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\windows\system32\DRIVERS\hidusb.sys
2010/12/21 14:02:27.0078 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\windows\system32\DRIVERS\HPZid412.sys
2010/12/21 14:02:27.0218 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\windows\system32\DRIVERS\HPZipr12.sys
2010/12/21 14:02:27.0328 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\windows\system32\DRIVERS\HPZius12.sys
2010/12/21 14:02:27.0453 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\windows\system32\DRIVERS\HSFHWBS2.sys
2010/12/21 14:02:27.0593 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\windows\system32\DRIVERS\HSF_DP.sys
2010/12/21 14:02:27.0734 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\windows\system32\Drivers\HTTP.sys
2010/12/21 14:02:27.0968 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\windows\system32\DRIVERS\i8042prt.sys
2010/12/21 14:02:28.0109 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\windows\system32\DRIVERS\ialmnt5.sys
2010/12/21 14:02:28.0343 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\windows\system32\DRIVERS\imapi.sys
2010/12/21 14:02:28.0531 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\windows\system32\DRIVERS\intelide.sys
2010/12/21 14:02:28.0671 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\windows\system32\DRIVERS\intelppm.sys
2010/12/21 14:02:28.0765 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\windows\system32\drivers\ip6fw.sys
2010/12/21 14:02:28.0875 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\windows\system32\DRIVERS\ipfltdrv.sys
2010/12/21 14:02:28.0984 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\windows\system32\DRIVERS\ipinip.sys
2010/12/21 14:02:29.0140 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\windows\system32\DRIVERS\ipnat.sys
2010/12/21 14:02:29.0250 IPSec (23c74d75e36e7158768dd63d92789a91) C:\windows\system32\DRIVERS\ipsec.sys
2010/12/21 14:02:29.0343 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\windows\system32\DRIVERS\irenum.sys
2010/12/21 14:02:29.0453 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\windows\system32\DRIVERS\isapnp.sys
2010/12/21 14:02:29.0531 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\windows\system32\DRIVERS\kbdclass.sys
2010/12/21 14:02:29.0625 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\windows\system32\DRIVERS\kbdhid.sys
2010/12/21 14:02:29.0687 kmixer (692bcf44383d056aed41b045a323d378) C:\windows\system32\drivers\kmixer.sys
2010/12/21 14:02:29.0796 KSecDD (b467646c54cc746128904e1654c750c1) C:\windows\system32\drivers\KSecDD.sys
2010/12/21 14:02:29.0968 MDC8021X (d7010580bf4e45d5e793a1fe75758c69) C:\windows\system32\DRIVERS\mdc8021x.sys
2010/12/21 14:02:30.0078 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\windows\system32\DRIVERS\mdmxsdk.sys
2010/12/21 14:02:30.0234 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\windows\system32\drivers\mnmdd.sys
2010/12/21 14:02:30.0343 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\windows\system32\drivers\Modem.sys
2010/12/21 14:02:30.0468 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\windows\system32\drivers\MODEMCSA.sys
2010/12/21 14:02:30.0578 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\windows\system32\DRIVERS\mouclass.sys
2010/12/21 14:02:30.0687 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\windows\system32\DRIVERS\mouhid.sys
2010/12/21 14:02:30.0843 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\windows\system32\drivers\MountMgr.sys
2010/12/21 14:02:31.0062 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
2010/12/21 14:02:31.0203 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
2010/12/21 14:02:31.0312 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\windows\system32\DRIVERS\mrxdav.sys
2010/12/21 14:02:31.0437 MRxSmb (f3aefb11abc521122b67095044169e98) C:\windows\system32\DRIVERS\mrxsmb.sys
2010/12/21 14:02:31.0562 Msfs (c941ea2454ba8350021d774daf0f1027) C:\windows\system32\drivers\Msfs.sys
2010/12/21 14:02:31.0875 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\windows\system32\drivers\MSKSSRV.sys
2010/12/21 14:02:32.0015 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\windows\system32\drivers\MSPCLOCK.sys
2010/12/21 14:02:32.0140 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\windows\system32\drivers\MSPQM.sys
2010/12/21 14:02:32.0265 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\windows\system32\DRIVERS\mssmbios.sys
2010/12/21 14:02:32.0390 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\windows\system32\drivers\Mup.sys
2010/12/21 14:02:32.0531 NDIS (1df7f42665c94b825322fae71721130d) C:\windows\system32\drivers\NDIS.sys
2010/12/21 14:02:32.0671 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\windows\system32\DRIVERS\ndistapi.sys
2010/12/21 14:02:32.0796 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\windows\system32\DRIVERS\ndisuio.sys
2010/12/21 14:02:32.0906 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\windows\system32\DRIVERS\ndiswan.sys
2010/12/21 14:02:33.0015 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\windows\system32\drivers\NDProxy.sys
2010/12/21 14:02:33.0125 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\windows\system32\DRIVERS\netbios.sys
2010/12/21 14:02:33.0250 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\windows\system32\DRIVERS\netbt.sys
2010/12/21 14:02:33.0421 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\windows\system32\drivers\Npfs.sys
2010/12/21 14:02:33.0812 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\windows\system32\drivers\Ntfs.sys
2010/12/21 14:02:34.0000 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\windows\system32\drivers\Null.sys
2010/12/21 14:02:34.0093 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\windows\system32\DRIVERS\nwlnkflt.sys
2010/12/21 14:02:34.0234 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\windows\system32\DRIVERS\nwlnkfwd.sys
2010/12/21 14:02:34.0406 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\windows\system32\DRIVERS\parport.sys
2010/12/21 14:02:34.0515 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\windows\system32\drivers\PartMgr.sys
2010/12/21 14:02:34.0625 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\windows\system32\drivers\ParVdm.sys
2010/12/21 14:02:34.0718 PCI (a219903ccf74233761d92bef471a07b1) C:\windows\system32\DRIVERS\pci.sys
2010/12/21 14:02:34.0843 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\windows\system32\DRIVERS\pciide.sys
2010/12/21 14:02:34.0937 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\windows\system32\drivers\Pcmcia.sys
2010/12/21 14:02:35.0062 PCTCore (807ff1dd6e1bdf8e7d2062fca0daecaf) C:\windows\system32\drivers\PCTCore.sys
2010/12/21 14:02:35.0234 pctgntdi (d15669bd3e1cf18f00b46a7949ea541f) C:\WINDOWS\system32\drivers\pctgntdi.sys
2010/12/21 14:02:35.0468 pctplsg (30c931fcb8df713bcd2fb7ce763a0b47) C:\WINDOWS\system32\drivers\pctplsg.sys
2010/12/21 14:02:36.0031 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\windows\system32\DRIVERS\raspptp.sys
2010/12/21 14:02:36.0156 PSched (09298ec810b07e5d582cb3a3f9255424) C:\windows\system32\DRIVERS\psched.sys
2010/12/21 14:02:36.0375 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\windows\system32\DRIVERS\ptilink.sys
2010/12/21 14:02:36.0500 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\windows\system32\Drivers\PxHelp20.sys
2010/12/21 14:02:36.0703 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\windows\system32\DRIVERS\rasacd.sys
2010/12/21 14:02:36.0812 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\windows\system32\DRIVERS\rasl2tp.sys
2010/12/21 14:02:36.0906 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\windows\system32\DRIVERS\raspppoe.sys
2010/12/21 14:02:37.0140 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\windows\system32\DRIVERS\raspti.sys
2010/12/21 14:02:37.0296 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\windows\system32\DRIVERS\rdbss.sys
2010/12/21 14:02:37.0390 RDPCDD (4912d5b403614ce99c28420f75353332) C:\windows\system32\DRIVERS\RDPCDD.sys
2010/12/21 14:02:37.0515 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\windows\system32\drivers\RDPWD.sys
2010/12/21 14:02:37.0625 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\windows\system32\DRIVERS\redbook.sys
2010/12/21 14:02:37.0750 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\DRIVERS\secdrv.sys
2010/12/21 14:02:37.0890 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\windows\system32\drivers\senfilt.sys
2010/12/21 14:02:38.0046 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\windows\system32\DRIVERS\serenum.sys
2010/12/21 14:02:38.0156 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\windows\system32\DRIVERS\serial.sys
2010/12/21 14:02:38.0281 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\windows\system32\drivers\Sfloppy.sys
2010/12/21 14:02:38.0500 smwdm (86c4d93b7b7818d066c52fdb03c6c921) C:\windows\system32\drivers\smwdm.sys
2010/12/21 14:02:38.0656 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\windows\system32\drivers\splitter.sys
2010/12/21 14:02:38.0765 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\windows\system32\DRIVERS\sr.sys
2010/12/21 14:02:38.0875 Srv (0f6aefad3641a657e18081f52d0c15af) C:\windows\system32\DRIVERS\srv.sys
2010/12/21 14:02:39.0015 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\windows\system32\DRIVERS\serscan.sys
2010/12/21 14:02:39.0109 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\windows\system32\DRIVERS\swenum.sys
2010/12/21 14:02:39.0203 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\windows\system32\drivers\swmidi.sys
2010/12/21 14:02:39.0453 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\windows\system32\drivers\sysaudio.sys
2010/12/21 14:02:39.0562 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\windows\system32\DRIVERS\tcpip.sys
2010/12/21 14:02:39.0703 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\windows\system32\drivers\TDPIPE.sys
2010/12/21 14:02:39.0828 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\windows\system32\drivers\TDTCP.sys
2010/12/21 14:02:39.0921 TermDD (88155247177638048422893737429d9e) C:\windows\system32\DRIVERS\termdd.sys
2010/12/21 14:02:40.0125 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\windows\system32\drivers\Udfs.sys
2010/12/21 14:02:40.0265 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\windows\system32\DRIVERS\update.sys
2010/12/21 14:02:40.0453 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\windows\system32\DRIVERS\usbccgp.sys
2010/12/21 14:02:40.0593 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\windows\system32\DRIVERS\usbehci.sys
2010/12/21 14:02:40.0718 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\windows\system32\DRIVERS\usbhub.sys
2010/12/21 14:02:40.0843 usbprint (a717c8721046828520c9edf31288fc00) C:\windows\system32\DRIVERS\usbprint.sys
2010/12/21 14:02:41.0062 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\windows\system32\DRIVERS\usbscan.sys
2010/12/21 14:02:41.0156 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\windows\system32\DRIVERS\USBSTOR.SYS
2010/12/21 14:02:41.0296 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\windows\system32\DRIVERS\usbuhci.sys
2010/12/21 14:02:41.0687 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\windows\System32\drivers\vga.sys
2010/12/21 14:02:41.0828 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\windows\system32\drivers\VolSnap.sys
2010/12/21 14:02:42.0015 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\windows\system32\DRIVERS\wanarp.sys
2010/12/21 14:02:42.0125 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\windows\system32\DRIVERS\wceusbsh.sys
2010/12/21 14:02:42.0328 wdmaud (6768acf64b18196494413695f0c3a00f) C:\windows\system32\drivers\wdmaud.sys
2010/12/21 14:02:42.0609 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\windows\system32\DRIVERS\HSF_CNXT.sys
2010/12/21 14:02:42.0812 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\windows\System32\drivers\ws2ifsl.sys
2010/12/21 14:02:42.0937 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\windows\system32\DRIVERS\WudfPf.sys
2010/12/21 14:02:43.0062 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\windows\system32\DRIVERS\wudfrd.sys
2010/12/21 14:02:43.0218 ZD1211BU(ZyDAS) (154fe6a5a608cd725266877901e883c2) C:\windows\system32\DRIVERS\zd1211Bu.sys
2010/12/21 14:02:43.0296 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2010/12/21 14:02:43.0296 ================================================================================
2010/12/21 14:02:43.0296 Scan finished
2010/12/21 14:02:43.0296 ================================================================================
2010/12/21 14:02:43.0312 Detected object count: 1
2010/12/21 14:02:55.0421 \HardDisk0 - will be cured after reboot
2010/12/21 14:02:55.0421 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2010/12/21 14:03:09.0296 Deinitialize success
  • 0

#5
joesalez
Posted 21 December 2010 - 03:46 PM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
MBRCheck.exe:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 123):
0x804D7000 \windows\system32\ntoskrnl.exe
0x806EE000 \windows\system32\hal.dll
0xF8BB8000 \windows\system32\KDCOM.DLL
0xF8AC8000 \windows\system32\BOOTVID.dll
0xF8677000 fltmgr.sys
0xF8649000 ACPI.sys
0xF8BBA000 \windows\system32\DRIVERS\WMILIB.SYS
0xF8638000 pci.sys
0xF86B8000 isapnp.sys
0xF8C80000 pciide.sys
0xF8938000 \windows\system32\DRIVERS\PCIIDEX.SYS
0xF8BBC000 intelide.sys
0xF86C8000 MountMgr.sys
0xF8619000 ftdisk.sys
0xF8940000 PartMgr.sys
0xF86D8000 VolSnap.sys
0xF8601000 atapi.sys
0xF86E8000 disk.sys
0xF86F8000 \windows\system32\DRIVERS\CLASSPNP.SYS
0xF85EF000 sr.sys
0xF85B6000 PCTCore.sys
0xF8708000 PxHelp20.sys
0xF859F000 KSecDD.sys
0xF8512000 Ntfs.sys
0xF84E5000 NDIS.sys
0xF84CB000 Mup.sys
0xF7BE6000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF7A18000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xF7A04000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF8A20000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF79E0000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF8A28000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF7BD6000 \SystemRoot\system32\DRIVERS\AN983.sys
0xF79AC000 \SystemRoot\system32\DRIVERS\HSFHWBS2.sys
0xF7989000 \SystemRoot\system32\DRIVERS\ks.sys
0xF788A000 \SystemRoot\system32\DRIVERS\HSF_DP.sys
0xF77E3000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF8A30000 \SystemRoot\System32\Drivers\Modem.SYS
0xF77BD000 \SystemRoot\system32\DRIVERS\e100b325.sys
0xF7BC6000 \SystemRoot\system32\DRIVERS\serial.sys
0xF8B90000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF77A9000 \SystemRoot\system32\DRIVERS\parport.sys
0xF7BB6000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7BA6000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF7735000 \SystemRoot\system32\drivers\smwdm.sys
0xF7711000 \SystemRoot\system32\drivers\portcls.sys
0xF7B86000 \SystemRoot\system32\drivers\drmk.sys
0xF765E000 \SystemRoot\system32\drivers\senfilt.sys
0xF8C82000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7B76000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF8B9C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF7647000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7B66000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7B56000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF8A38000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF7636000 \SystemRoot\system32\DRIVERS\psched.sys
0xF8738000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF8A48000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF8A50000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF8758000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF8A58000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF8A60000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF8BDC000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF75D8000 \SystemRoot\system32\DRIVERS\update.sys
0xF8BB0000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF8798000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF87B8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF8BE6000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF8BF0000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF8D79000 \SystemRoot\System32\Drivers\Null.SYS
0xF8BF2000 \SystemRoot\System32\Drivers\Beep.SYS
0xF8A80000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF8A88000 \SystemRoot\System32\drivers\vga.sys
0xF8BF4000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF8BF6000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF8A90000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF8A98000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF8B50000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xEF4FD000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xEF4A4000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xEF47C000 \SystemRoot\system32\DRIVERS\netbt.sys
0xEF45A000 \SystemRoot\System32\drivers\afd.sys
0xF87E8000 \SystemRoot\system32\DRIVERS\netbios.sys
0xEF42F000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xEF397000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF8808000 \SystemRoot\System32\Drivers\Fips.SYS
0xEF371000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF8818000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF8838000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF8AA0000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xF8AA8000 \SystemRoot\system32\DRIVERS\usbprint.sys
0xF8B7C000 \SystemRoot\system32\DRIVERS\BrScnUsb.sys
0xF8B80000 \SystemRoot\System32\Drivers\BrUsbSer.sys
0xEF360000 \SystemRoot\System32\Drivers\BrSerIf.sys
0xEF2EB000 \SystemRoot\system32\DRIVERS\zd1211Bu.sys
0xF75D0000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF8858000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF75C8000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xF75C4000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xEF2AB000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF8C10000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF8496000 \SystemRoot\System32\drivers\Dxapi.sys
0xF8AB0000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF8CD0000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF042000 \SystemRoot\System32\ialmdev5.DLL
0xBF077000 \SystemRoot\System32\ialmdd5.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xEF19F000 \SystemRoot\system32\DRIVERS\mdc8021x.sys
0xEF19B000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xEEE46000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xEED19000 \SystemRoot\system32\drivers\wdmaud.sys
0xEEEE3000 \SystemRoot\system32\drivers\sysaudio.sys
0xF8C3A000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xEE923000 \SystemRoot\system32\DRIVERS\srv.sys
0xEEE0E000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xF89B8000 \??\C:\Program Files\Spyware Doctor\PCTSDInj32.sys
0xEE3E2000 \SystemRoot\System32\Drivers\HTTP.sys
0xEE1FF000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 40):
0 System Idle Process
4 System
584 C:\WINDOWS\system32\smss.exe
824 csrss.exe
848 C:\WINDOWS\system32\winlogon.exe
892 C:\WINDOWS\system32\services.exe
904 C:\WINDOWS\system32\lsass.exe
1060 C:\WINDOWS\system32\svchost.exe
1108 svchost.exe
1148 C:\WINDOWS\system32\svchost.exe
1224 svchost.exe
1312 svchost.exe
1684 C:\WINDOWS\explorer.exe
1768 C:\WINDOWS\system32\BRSVC01A.EXE
1816 C:\WINDOWS\system32\spoolsv.exe
1956 C:\WINDOWS\system32\hkcmd.exe
1968 C:\WINDOWS\system32\igfxpers.exe
1976 C:\Program Files\Analog Devices\Core\smax4pnp.exe
1984 C:\WINDOWS\system32\BRSS01A.EXE
1988 svchost.exe
128 C:\Program Files\Brother\ControlCenter2\brctrcen.exe
120 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
200 C:\Program Files\ATT-SST\McciTrayApp.exe
  • 0

#6
joesalez
Posted 21 December 2010 - 03:47 PM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
GMER:

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-12-21 15:37:30
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST340014A rev.8.16
Running: 9w172z8z.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\kxrcqpow.sys


---- System - GMER 1.0.15 ----

SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateKey [0xF85E2112]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcess [0xF85C12D6]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcessEx [0xF85C14C8]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteKey [0xF85E2900]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteValueKey [0xF85E2BB4]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwOpenKey [0xF85E0E12]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwRenameKey [0xF85E3020]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwSetValueKey [0xF85E23D2]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwTerminateProcess [0xF85C0F44]

---- Kernel code sections - GMER 1.0.15 ----

init C:\windows\system32\drivers\senfilt.sys entry point in "init" section [0xF76EAF80]

---- EOF - GMER 1.0.15 ----
  • 0

#7
joesalez
Posted 21 December 2010 - 04:20 PM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
The 4th program I ran was TFC by Oldtimer. I ran it, but noticed there is not a Quick Scan or Full Scan choice anymore. There is just a Start and an Exit button. If I hit Start, the scan starts and finishes within about 15 seconds and always tells me I have to reboot. Even if I close the reboot message box, it automatically reboots for me. There is no log. I re-downloaded the program and it is still doing the same thing. Something doesn't seem right. Could the Malware have hijacked this program in some way so it isn't working correctly?
  • 0

#8
joesalez
Posted 21 December 2010 - 05:46 PM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I ran Malwarebytes' again and here are the results:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5363

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/21/2010 5:45:30 PM
mbam-log-2010-12-21 (17-45-30).txt

Scan type: Full scan (C:\|)
Objects scanned: 197895
Time elapsed: 1 hour(s), 8 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\inamdps.dll (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Uwuyog (Trojan.Agent) -> Value: Uwuyog -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\inamdps.dll (Trojan.Agent) -> Delete on reboot.
  • 0

#9
joesalez
Posted 21 December 2010 - 06:02 PM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
After running Malwarebytes' again, I had to reboot my computer for the infected items to be deleted. When my system rebooted, an error message popped up that said:

Error loading C:\windows\inamdps.dll

The specified module could not be found
  • 0

#10
joesalez
Posted 21 December 2010 - 06:15 PM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I just did a search in Yahoo and instead of taking me to the selected page, I was "redirected" to a completely different website!

Why would somebody create a "bug" that disrupts someone else's life and/or income? Those kinds of people are just as bad as terrorists and should be held accountable to the fullest extent when they are caught.
  • 0

#11
joesalez
Posted 21 December 2010 - 06:43 PM

joesalez

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Also, I can not do a system restore to a previous date. (I try, but when it reboots, a message pops up that says it can't be restored to the previous date.)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP