Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Possible malware, or malfunctioning embedded wireless device

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Possible malware, or malfunctioning embedded wireless device

Unread postby Chall » February 27th, 2011, 1:03 pm

I have an HP (service pack 3) M1000 netbook with an embedded wireless device for internet access from Verizon. I bought the netbook from Verizon and it is still under the manufacturer's 1 year warranty. About two months ago, my usage started exceeding the monthly allowance for my data plan - 5GB, by double, although my behaviour had not changed. Verizon instore reps (not techies) indicated that there were automatic updates that were erroring out, causing a loop, which was using up my data plan allowance. They gave me the number to HP, which turns out to be iyogi support, and they indicated malware was the cause, not updates, and wanted to charge me $169. I have Norton antivirus and have kept it updated and installed, so this is confusing as to how it can be malware. I have two differing results and cannot afford to keep paying hundreds of dollars for internet and need help to determine if it is malware or if something is not functioning properly. Please, please help and thank you in advance.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:01:26 AM, on 2/27/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\wdm\stacsv.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\QUALCOMM\QDLService\QDLService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{308B6951-1ED2-4105-8916-3FEE5FD03E43}: NameServer = 66.174.92.14 66.174.95.44
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: Qualcomm Gobi Download Service (QDLService) - QUALCOMM, Inc. - C:\QUALCOMM\QDLService\QDLService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\wdm\stacsv.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 3087 bytes

Uninstall List
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9
Broadcom 802.11 Wireless LAN Adapter
Conduit Engine
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB949764)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
HP BatteryCheck 2.10 A2
HP Doc Viewer
HP Help and Support
HP User Guides 0130
HP Wireless Assistant
IDT Audio
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 7
Marvell Miniport Driver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
MigoMobile DESKTOP 4
Norton Internet Security
PageRage 1.10.01
PageRage Toolbar
Qualcomm Gobi Driver Package for HP
Qualcomm Gobi Images for HP
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
VZAccess Manager
WIDCOMM Bluetooth Software
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
Chall
Active Member
 
Posts: 5
Joined: February 27th, 2011, 12:47 pm
Advertisement
Register to Remove

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Cypher » February 27th, 2011, 1:30 pm

Hi and welcome to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • The instructions being given are for YOUR computer and system only!.
    Using these instructions on a different computer, can damage that computer and possibly make it inoperable!
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Absence of symptoms does not mean that everything is clear.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
Backup Made Easy - XP
Backup your data - Vista
Backup your data - windows 7



Add/Remove programs
  • Click on start
  • Then Run
  • In the open text entry box please copy/paste appwiz.cpl Then click enter.
  • Press the "Remove" or "Change/Remove"...button to uninstall the following.
Conduit Engine
Java(TM) 6 Update 7
Viewpoint Media Player

Next.

Please download Malwarebytes' Anti-Malware and save to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Next.

Download DDS

Please download DDS by sUBs from one of the links below and save it to your desktop.

Link1
Link2

Please disable any anti-malware program that will block scripts from running before running DDS.

  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply


Logs/Information to Post in your Next Reply

  • Malwarebytes log.
  • DDS.txt and Attach.txt contents.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Chall » February 27th, 2011, 10:01 pm

Hello Cypher,
Thank you so much for your assistance! I was able to remove Java(TM) 6 Update 7 and
Viewpoint Media Player; but not Conduit Engine. Each time I click to remove that one, seems the active window changes, like perhaps a pop up box comes and goes, but it's so quick, it's hard to know what it is doing. It just won't remove. Should I continue with the next steps, or what do you suggest?

I really do appreciate your help.
Chall
Active Member
 
Posts: 5
Joined: February 27th, 2011, 12:47 pm

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Cypher » February 28th, 2011, 6:02 am

Hi Chall.
Thank you so much for your assistance.

You're welcome.
Don't worry about Conduit Engine for now, continue with the rest of my instructions and post the requested logs.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Chall » February 28th, 2011, 11:11 pm

Hello Cypher,
Here are the three logs. Thank you for your help! :)

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5905

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/28/2011 8:20:49 AM
mbam-log-2011-02-28 (08-20-49).txt

Scan type: Quick scan
Objects scanned: 143338
Time elapsed: 10 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


DDS (Ver_10-12-12.02) - NTFSx86
Run by Owner at 18:54:45.40 on Mon 02/28/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.526 [GMT -8:00]

AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\wdm\stacsv.exe
svchost.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\QUALCOMM\QDLService\QDLService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.8.0.41\IPSBHO.DLL
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.8.0.41\coIEPlg.dll
TB: {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
TCP: {308B6951-1ED2-4105-8916-3FEE5FD03E43} = 66.174.92.14 66.174.95.44
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.8.0.41\CoIEPlg.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1008000.029\SymEFA.sys [2010-10-8 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1008000.029\BHDrvx86.sys [2010-10-8 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1008000.029\cchpx86.sys [2010-10-8 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20110225.001\IDSXpx86.sys [2011-2-26 341944]
R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.8.0.41\ccSvcHst.exe [2010-10-8 117640]
R2 QDLService;Qualcomm Gobi Download Service;c:\qualcomm\qdlservice\QDLService.exe [2009-1-14 345336]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2009-9-23 112128]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-1-19 102448]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20110228.003\NAVENG.SYS [2011-2-28 86008]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20110228.003\NAVEX15.SYS [2011-2-28 1360760]
R3 QCFilterhp;HP USB Composite Device Filter Driver;c:\windows\system32\drivers\qcfilterhp.sys [2009-9-23 5248]
R3 qcusbnethp;HP USB-NDIS miniport;c:\windows\system32\drivers\qcusbnethp.sys [2009-9-23 115200]
R3 qcusbserhp;HP USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbserhp.sys [2009-9-23 104448]
R3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~2\SMSIVZAM5.SYS [2010-4-14 32408]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-19 136176]
S3 UCORESYS;UCORESYS;\??\d:\bios\harbour1.0 f15 (win xp)\ucoresys.sys --> d:\bios\harbour1.0 f15 (win xp)\UCORESYS.SYS [?]

=============== Created Last 30 ================

2011-02-28 16:06:24 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2011-02-28 16:06:16 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-28 16:06:15 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-28 16:06:10 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-28 16:06:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-27 04:10:59 388096 ----a-r- c:\docume~1\owner\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-02-27 04:10:57 -------- d-----w- c:\program files\Trend Micro
2011-02-23 04:22:22 -------- d-----w- c:\windows\pss
2011-02-21 06:30:31 -------- d---a-w- c:\program files\MyOwnSuperheroIE
2011-02-21 06:30:01 -------- d-----w- c:\program files\MyOwnSuperheroEI
2011-02-20 04:35:45 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Google
2011-02-20 04:30:04 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\OpenCandy
2011-02-20 04:29:56 -------- d-----w- c:\docume~1\owner\applic~1\OpenCandy
2011-02-20 04:29:28 -------- d-----w- c:\program files\Conduit
2011-02-20 04:29:25 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\PageRage
2011-02-20 04:29:20 -------- d-----w- c:\program files\ConduitEngine
2011-02-20 04:29:20 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\ConduitEngine
2011-02-20 04:29:15 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Conduit
2011-02-20 04:29:13 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Temp
2011-02-20 04:28:46 -------- d-----w- c:\program files\PageRage
2011-02-20 04:28:45 -------- d-----w- c:\docume~1\alluse~1\applic~1\Tarma Installer
2011-02-10 15:09:33 -------- d-----w- c:\windows\ie8updates
2011-02-10 02:32:56 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-02-10 02:32:56 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-02-10 02:32:52 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-02-08 17:37:42 -------- d-sh--w- c:\documents and settings\owner\PrivacIE
2011-02-08 17:35:00 -------- d-----w- c:\windows\system32\XPSViewer
2011-02-08 17:33:56 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-02-08 17:33:30 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-02-08 17:33:30 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-02-08 17:33:30 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-02-08 17:33:30 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-02-08 17:33:30 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-02-08 17:33:30 117760 ------w- c:\windows\system32\prntvpt.dll
2011-02-08 17:33:29 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-02-08 17:33:29 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-02-08 17:33:29 -------- d-----w- C:\bd44b0f3f62fc45fe189015d5e0e
2011-02-08 17:24:03 -------- d-sh--w- c:\documents and settings\owner\IETldCache
2011-02-08 17:15:41 -------- dc-h--w- c:\windows\ie8
2011-02-08 16:37:13 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-02-08 15:42:19 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-02-08 15:42:19 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-02-08 15:37:42 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-02-08 15:26:54 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-02-08 15:26:53 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-02-08 15:26:52 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-02-08 15:26:52 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-02-08 15:09:37 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-08 07:23:38 -------- d-----w- c:\windows\system32\PreInstall
2011-02-08 03:32:49 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2011-02-07 19:09:43 -------- d-----w- c:\windows\system32\SoftwareDistribution

==================== Find3M ====================

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe

============= FINISH: 18:56:05.17 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 9/23/2009 8:17:30 AM
System Uptime: 2/28/2011 6:36:14 PM (0 hours ago)

Motherboard: Hewlett-Packard | | 361A
Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz | CPU 1 | 1596/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 75 GiB total, 63.64 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP69: 12/14/2010 7:37:15 PM - System Checkpoint
RP70: 12/15/2010 8:55:59 AM - System Checkpoint
RP71: 12/16/2010 3:51:12 PM - System Checkpoint
RP72: 12/17/2010 3:58:51 PM - System Checkpoint
RP73: 12/18/2010 5:29:34 PM - System Checkpoint
RP74: 12/19/2010 7:55:19 PM - System Checkpoint
RP75: 12/20/2010 9:56:11 PM - System Checkpoint
RP76: 12/21/2010 11:14:52 PM - System Checkpoint
RP77: 12/23/2010 7:50:42 AM - System Checkpoint
RP78: 12/24/2010 11:58:14 AM - System Checkpoint
RP79: 12/25/2010 12:20:39 PM - System Checkpoint
RP80: 12/26/2010 12:37:18 PM - System Checkpoint
RP81: 12/28/2010 10:30:55 AM - System Checkpoint
RP82: 12/29/2010 1:47:22 PM - System Checkpoint
RP83: 12/30/2010 2:33:03 PM - System Checkpoint
RP84: 12/31/2010 6:59:43 PM - System Checkpoint
RP85: 1/1/2011 7:16:51 PM - System Checkpoint
RP86: 1/3/2011 8:33:46 AM - System Checkpoint
RP87: 1/4/2011 8:41:26 AM - System Checkpoint
RP88: 1/6/2011 8:43:41 AM - System Checkpoint
RP89: 1/7/2011 2:43:19 PM - System Checkpoint
RP90: 1/9/2011 10:46:18 AM - System Checkpoint
RP91: 1/10/2011 3:32:43 PM - System Checkpoint
RP92: 1/11/2011 8:20:44 PM - System Checkpoint
RP93: 1/12/2011 9:00:32 PM - System Checkpoint
RP94: 1/14/2011 8:12:08 AM - System Checkpoint
RP95: 1/15/2011 11:51:57 AM - System Checkpoint
RP96: 1/16/2011 4:09:10 PM - System Checkpoint
RP97: 1/18/2011 8:52:57 AM - System Checkpoint
RP98: 1/19/2011 9:00:27 AM - System Checkpoint
RP99: 1/21/2011 3:41:23 PM - System Checkpoint
RP100: 1/22/2011 5:58:05 PM - System Checkpoint
RP101: 1/23/2011 8:31:52 PM - System Checkpoint
RP102: 1/25/2011 8:05:36 AM - System Checkpoint
RP103: 1/26/2011 10:18:25 AM - System Checkpoint
RP104: 1/27/2011 11:04:43 AM - System Checkpoint
RP105: 1/28/2011 1:55:51 PM - System Checkpoint
RP106: 1/29/2011 3:10:07 PM - System Checkpoint
RP107: 1/30/2011 3:15:31 PM - System Checkpoint
RP108: 1/31/2011 3:28:44 PM - System Checkpoint
RP109: 2/1/2011 9:49:25 PM - System Checkpoint
RP110: 2/2/2011 10:25:09 PM - System Checkpoint
RP111: 2/4/2011 7:38:02 AM - System Checkpoint
RP112: 2/5/2011 10:49:52 AM - System Checkpoint
RP113: 2/6/2011 2:34:26 PM - System Checkpoint
RP114: 2/7/2011 7:58:26 PM - System Checkpoint
RP115: 2/7/2011 11:23:27 PM - Software Distribution Service 3.0
RP116: 2/8/2011 8:28:33 AM - Software Distribution Service 3.0
RP117: 2/8/2011 9:13:47 AM - Software Distribution Service 3.0
RP118: 2/8/2011 9:26:01 AM - Software Distribution Service 3.0
RP119: 2/9/2011 9:49:03 AM - System Checkpoint
RP120: 2/10/2011 6:57:25 AM - Software Distribution Service 3.0
RP121: 2/12/2011 12:14:46 PM - System Checkpoint
RP122: 2/12/2011 2:24:48 PM - Software Distribution Service 3.0
RP123: 2/14/2011 7:52:41 AM - System Checkpoint
RP124: 2/15/2011 12:21:50 PM - System Checkpoint
RP125: 2/16/2011 12:26:17 PM - System Checkpoint
RP126: 2/17/2011 7:28:41 PM - System Checkpoint
RP127: 2/19/2011 10:05:51 AM - System Checkpoint
RP128: 2/20/2011 2:22:07 PM - System Checkpoint
RP129: 2/21/2011 2:48:27 PM - System Checkpoint
RP130: 2/23/2011 7:41:53 AM - System Checkpoint
RP131: 2/24/2011 3:41:12 PM - System Checkpoint
RP132: 2/25/2011 8:29:06 AM - Removed FriendFinder Messenger v4.1
RP133: 2/26/2011 4:24:13 PM - System Checkpoint
RP134: 2/26/2011 8:10:56 PM - Installed HiJackThis
RP135: 2/27/2011 7:41:10 AM - Software Distribution Service 3.0
RP136: 2/27/2011 5:32:57 PM - Removed Java(TM) 6 Update 7

==== Installed Programs ======================

Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9
Broadcom 802.11 Wireless LAN Adapter
Conduit Engine
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB949764)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP BatteryCheck 2.10 A2
HP Doc Viewer
HP Help and Support
HP User Guides 0130
HP Wireless Assistant
IDT Audio
Intel(R) Graphics Media Accelerator Driver
Malwarebytes' Anti-Malware
Marvell Miniport Driver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
MigoMobile DESKTOP 4
Norton Internet Security
PageRage 1.10.01
PageRage Toolbar
Qualcomm Gobi Driver Package for HP
Qualcomm Gobi Images for HP
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VZAccess Manager
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

2/27/2011 6:45:41 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
2/26/2011 9:05:20 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}
2/26/2011 9:05:17 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service hpqwmiex with arguments "" in order to run the server: {4BE1F202-E872-4127-8E3F-A24A4A021203}
2/25/2011 8:29:25 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
2/23/2011 7:48:03 PM, error: PSched [14103] - QoS [Adapter {C220E2C3-5070-4B31-A650-967113589FD0}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
2/23/2011 3:57:24 PM, error: PlugPlayManager [12] - The device 'Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller' (PCI\VEN_11AB&DEV_4354&SUBSYS_361A103C&REV_00\4&23c6fc68&0&00E1) disappeared from the system without first being prepared for removal.

==== End Of File ===========================
Chall
Active Member
 
Posts: 5
Joined: February 27th, 2011, 12:47 pm

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Cypher » March 1st, 2011, 7:11 am

Hi Chall.
Run the below scan and post the resulting log please.

Please download GMER Rootkit Scanner from Here.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All << (don't miss this one)
    See image below, Click the image to enlarge it
    Image
  • Then click the Scan button & wait for it to finish
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in your next reply
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Note: Do not run any programs while Gmer is running.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Chall » March 1st, 2011, 12:13 pm

Hi Cypher,
I downloaded the program, closed all other programs (but did not disable my Norton, not sure if I should have). Opened the program, unchecked the boxes per your instructions, and clicked Scan. It started to scan and then the program disappeared. I waited about five minutes thinking it perhaps was working in the background, but it had appeared to be closed. I ran the program again, ensured the same boxes were unchecked, and clicked scan. Started scanning, and then this time, my system crashed. I couldn't locate the MS Windows technical error logs under the temp file, but here is the error signature I received.

BCCode: 1000007f BCP1: 00000000 BCP3: 00000000 BCP4: 00000000
OSVer: 5_1_2600 SP: 3_0 Product: 768_1

Why would the program crash my system? Again, thank you for your assistance.
Chall
Active Member
 
Posts: 5
Joined: February 27th, 2011, 12:47 pm

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Cypher » March 1st, 2011, 12:19 pm

Hi Chall.
Why would the program crash my system?

Unfortunately this can happen running Gmer on some systems so we will try another scanner.

Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • * This can take a while. Please be patient *.
  • Save the report somewhere where you can find it. Click Close.
  • Copy the entire contents of this log in you're next reply.
  • This log can be lengthy you may have to post it in separate replies.
  • Note: You may get the following warning - it is ok - just ignore it:
    "Rootkit Unhooker has detected a parasite inside itself!
    It is recommended to remove parasite, okay?"
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Chall » March 2nd, 2011, 2:27 pm

Hi Cypher,
I will try it, but now my internet explorer won't launch, just goes into a "not responding" stage. When I go into Windows Task Manager, there are two Windows Internet Explorer running (status of both are Not Responding - why would two try to launch?) I can use my Yahoo messenger, but IE won't launch to allow me to get to the internet to try the new scanner. I will what what I can do to get this fixed (difficult since I have no CD rom drive on the netbook), but it may take me a couple days, please don't close this topic. :)

Thank you for your assistance.
Chall
Active Member
 
Posts: 5
Joined: February 27th, 2011, 12:47 pm

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Cypher » March 2nd, 2011, 2:34 pm

Hi.
Do you have access to another computer to download RKUnHooker?
You could do that then transfer it to the infected computer using a flash drive.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Possible malware, or malfunctioning embedded wireless de

Unread postby Cypher » March 5th, 2011, 2:32 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 63 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware