Pesky trojandownloader:win32/tracur.y Virus



#16
RopingAngel

  • Topic Starter
  • Member
  • 25 posts
Not sure? Everything was fine other than a few redirects, the kicker is the printer....I am leery to hook up the new printer! It trashed two within seconds! Can a virus ruin a printer? It has two of them doing the same thing, I hooked one of them to a clean computer and could not get it to respond. I guess the printers are no good? Should I hook the printer to it? I think we may be good? lol!
  • 0



#17
maliprog

  • Trusted Helper
  • Malware Removal
  • 6,172 posts
I don't really know of any malware that can harm a printer. Never heard of something like that. After we clean your PC we'll ask our hardware experts to help you out with your printers.

RopingAngel said: "Everything was fine other than a few redirects"

Can you restart your PC and test it for any trace of malware and redirection?

Step 1

Please read carefully and follow these steps.

Download TDSSKiller.zip from Kaspersky and save it to your Desktop.
  • Extract the zip file to its own folder.
  • Double click TDSSKiller.exe to run the program (Run as Administrator for Vista/Windows 7).
  • Click Start scan to start scanning.
  • If infection is detected, the default setting for "action" should be Cure
    • (If suspicious file is detected please click on it and change it to Skip).
  • Click Continue button
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.


Step 2


Download aswMBR.exe ( 511KB ) to your desktop.

  • Double click the aswMBR.exe to run it
  • Click the "Scan" button to start scan
  • On completion of the scan click save log, save it to your desktop and post in your next reply

Step 3

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • aswMBR log
It would be helpful if you could post each log in a separate post.
  • 0

#18
RopingAngel

  • Topic Starter
  • Member
  • 25 posts
Okay! I will do this....I think I have the log saved and attached from Kaspersky. Not sure. Yes! I would love to talk to someone about the printers, there is no doubt they were damaged from this virus, maybe it will be helpful for future reference. :) I will start the other scans now....
  • 0

#19
RopingAngel

  • Topic Starter
  • Member
  • 25 posts
2011/08/02 01:16:13.0906 3084 TDSS rootkit removing tool 2.5.13.0 Jul 29 2011 17:24:11
2011/08/02 01:16:14.0343 3084 ================================================================================
2011/08/02 01:16:14.0343 3084 SystemInfo:
2011/08/02 01:16:14.0343 3084
2011/08/02 01:16:14.0343 3084 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/02 01:16:14.0343 3084 Product type: Workstation
2011/08/02 01:16:14.0343 3084 ComputerName: YOUR-4DACD0EA75
2011/08/02 01:16:14.0343 3084 UserName: HP_Administrator
2011/08/02 01:16:14.0343 3084 Windows directory: C:\WINDOWS
2011/08/02 01:16:14.0343 3084 System windows directory: C:\WINDOWS
2011/08/02 01:16:14.0343 3084 Processor architecture: Intel x86
2011/08/02 01:16:14.0343 3084 Number of processors: 2
2011/08/02 01:16:14.0343 3084 Page size: 0x1000
2011/08/02 01:16:14.0343 3084 Boot type: Normal boot
2011/08/02 01:16:14.0343 3084 ================================================================================
2011/08/02 01:16:16.0281 3084 Initialize success
2011/08/02 01:16:24.0390 1496 ================================================================================
2011/08/02 01:16:24.0390 1496 Scan started
2011/08/02 01:16:24.0390 1496 Mode: Manual;
2011/08/02 01:16:24.0390 1496 ================================================================================
2011/08/02 01:16:40.0578 1496 ================================================================================
2011/08/02 01:16:40.0578 1496 Scan finished
2011/08/02 01:16:40.0578 1496 ================================================================================
2011/08/02 01:16:40.0593 0876 Detected object count: 0
2011/08/02 01:16:40.0593 0876 Actual detected object count: 0
  • 0

#20
RopingAngel

  • Topic Starter
  • Member
  • 25 posts
aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-02 01:21:04
-----------------------------
01:21:04.656 OS Version: Windows 5.1.2600 Service Pack 3
01:21:04.656 Number of processors: 2 586 0x4302
01:21:04.656 ComputerName: YOUR-4DACD0EA75 UserName:
01:21:05.578 Initialize success
01:22:34.562 AVAST engine defs: 11080101
01:23:15.406 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\My Documents\aswMBR.txt"
01:24:10.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
01:24:10.984 Disk 0 Vendor: ST3320833AS 3.AHH Size: 305245MB BusType: 3
01:24:13.015 Disk 0 MBR read successfully
01:24:13.031 Disk 0 MBR scan
01:24:13.078 Disk 0 Windows XP default MBR code
01:24:13.093 Disk 0 scanning sectors +625137345
01:24:13.171 Disk 0 scanning C:\WINDOWS\system32\drivers
01:24:31.406 Service scanning
01:24:32.125 Service MpKsl9dc58106 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6C347F91-CBC1-4921-8BDD-B7CCFD128A5B}\MpKsl9dc58106.sys **LOCKED** 32
01:24:33.031 Modules scanning
01:24:38.500 Disk 0 trace - called modules:
01:24:38.500 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
01:24:38.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a7ddab8]
01:24:38.500 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\0000007a[0x8a6c12d8]
01:24:38.515 5 ACPI.sys[b9a5d620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8a6bd940]
01:24:39.375 AVAST engine scan C:\WINDOWS
01:24:48.703 AVAST engine scan C:\WINDOWS\system32
01:28:00.953 AVAST engine scan C:\WINDOWS\system32\drivers
01:28:24.062 AVAST engine scan C:\Documents and Settings\HP_Administrator
02:22:44.718 AVAST engine scan C:\Documents and Settings\All Users
02:26:58.234 Scan finished successfully
08:48:47.062 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator\My Documents\MBR.dat"
08:48:47.078 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\My Documents\aswMBR.txt"
  • 0

#21
maliprog

  • Trusted Helper
  • Malware Removal
  • 6,172 posts
Hi RopingAngel,

Your logs are looking good. How is your system now, and do you have any problems regarding malware? (We'll deal with the printers later.)
  • 0
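
The checks a helper makes when reading the two logs posted above, as an added example that is not part of the original thread and not code from Kaspersky or AVAST. It assumes only the line shapes visible in this thread; the sample lines, the `<md5>` placeholder and the `ExampleDrv` name are constructed.

```python
import re

# Constructed samples in the two log formats shown in this thread.
# "<md5>" stands in for a 32-hex-digit file hash; ExampleDrv is hypothetical.
TDSS_SAMPLE = r"""
2011/08/02 01:16:24.0390 1496 Scan started
2011/08/02 01:16:25.0593 1496 ACPI (<md5>) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/02 01:16:33.0312 1496 ExampleDrv (<md5>) c:\Documents and Settings\All Users\Application Data\Example\ExampleDrv.sys
2011/08/02 01:16:40.0437 1496 MBR (0x1B8) (<md5>) \Device\Harddisk0\DR0
2011/08/02 01:16:40.0593 0876 Detected object count: 0
2011/08/02 01:16:40.0593 0876 Actual detected object count: 0
""".replace("<md5>", "0" * 32)

ASW_SAMPLE = r"""
01:24:13.078 Disk 0 Windows XP default MBR code
01:24:32.125 Service ExampleDrv c:\Documents and Settings\All Users\Application Data\Example\ExampleDrv.sys **LOCKED** 32
02:26:58.234 Scan finished successfully
"""

# TDSSKiller line: date, time, thread id, then the message.
TDSS_LINE = re.compile(r"^\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+ \d+ (.*)$")
# Driver entry: service name, (md5), image path. MBR/Boot rows carry an
# extra "(0x...)" field, do not match, and are skipped on purpose.
DRIVER = re.compile(r"^(\S+) \(([0-9a-f]{32})\) (.+)$")
COUNT = re.compile(r"^(Detected|Actual detected) object count: (\d+)$")
# aswMBR line: time of day, then the message.
ASW_LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d+ (.*)$")
MBR_VERDICT = re.compile(r"^Disk (\d+) (.+ MBR code)$")


def triage_tdsskiller(text, windir=r"C:\WINDOWS"):
    """Return detection counts and drivers loaded from outside the driver dir."""
    prefix = (windir + "\\system32\\drivers\\").lower()
    counts, outside = {}, []
    for line in text.splitlines():
        m = TDSS_LINE.match(line.strip())
        if not m:
            continue
        msg = m.group(1)
        c = COUNT.match(msg)
        if c:
            counts[c.group(1)] = int(c.group(2))
            continue
        d = DRIVER.match(msg)
        if d and not d.group(3).lower().startswith(prefix):
            outside.append((d.group(1), d.group(3)))
    return {"detected": counts.get("Detected"),
            "actual_detected": counts.get("Actual detected"),
            "outside_driver_dir": outside}


def triage_aswmbr(text):
    """Return per-disk MBR verdicts, locked services and scan completion."""
    mbr, locked, finished = {}, [], False
    for line in text.splitlines():
        m = ASW_LINE.match(line.strip())
        if not m:
            continue
        msg = m.group(1)
        v = MBR_VERDICT.match(msg)
        if v:
            mbr[int(v.group(1))] = v.group(2)
        elif msg.startswith("Service ") and "**LOCKED**" in msg:
            locked.append(msg.split()[1])
        elif msg == "Scan finished successfully":
            finished = True
    return {"mbr": mbr, "locked_services": locked, "finished": finished}


def summarize(tdss, asw):
    """Combine both results: 'clean' needs zero detections, a finished
    aswMBR scan and a default-MBR verdict on every disk (assumed wording).
    Review items are things to look at by hand, not detections."""
    clean = (tdss["detected"] == 0 and asw["finished"] and bool(asw["mbr"])
             and all("default" in v for v in asw["mbr"].values()))
    review = sorted({name for name, _ in tdss["outside_driver_dir"]}
                    | set(asw["locked_services"]))
    return {"clean": clean, "review": review}


if __name__ == "__main__":
    print(summarize(triage_tdsskiller(TDSS_SAMPLE), triage_aswmbr(ASW_SAMPLE)))
```

An entry in the review list is not a verdict: the one driver in this thread's logs that loads from outside the driver directory sits under the Microsoft Antimalware definition-updates folder.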

#22
RopingAngel

  • Topic Starter
  • Member
  • 25 posts
Been using the system all day and nothing seems to be going funny! No redirects! No Microsoft Security Essentials going off! All must be well? I've been sending files to my email and printing off my clean laptop, been a bit scared to hook up the new printer to this computer. lol! What do you think? I thought maybe I would wait a few days. When I was infected, I would clean the computer with Malwarebytes and think I had it clean, it would run great and then be back? But I will say it's better than it was at its best right now.....
  • 0

#23
maliprog

  • Trusted Helper
  • Malware Removal
  • 6,172 posts
Don't worry. The malware that has been bothering you is gone now. I double checked your logs :unsure:. If you experience any problems in the next few days just come back and I'll reopen your topic. I'm also glad that your printer is fine and you can continue with your work :)

Your logs and system are clean now. I'm glad we fixed up your computer. We need to clean up your PC from the programs we used.

Step 1

Please start OTL one more time and click the CleanUp button. OTL will restart your system at the end. Remove all other applications we used to clean your PC.

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Enable Windows Update
  • Click Start, click Run, type sysdm.cpl, and then press ENTER.
  • Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them option.
  • Click OK button

2. Delete Temp files

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean

3. Make Backups of Important Files

Please read this article Home Computer Data Backup.


4. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of the software installed on your system.
  • 0

#24
RopingAngel

  • Topic Starter
  • Member
  • 25 posts
Okay! I will continue with all that! My two printers are NOT fine, I had to buy a new one. The two printers continue to only stay in busy mode. (light flashing) I think they are junk now? I thank you for your help and will make a donation for your time! :)
  • 0

#25
maliprog

  • Trusted Helper
  • Malware Removal
  • 6,172 posts
Thank you for donating and supporting my work here. I really appreciate it.

Please open a new topic at Hardware, Components and Peripherals and describe your problem. Give them a link to this topic and tell them that you are clean now.

Goodbye and stay safe :)
  • 0



#26
maliprog

  • Trusted Helper
  • Malware Removal
  • 6,172 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





