[FBI Moneypak nightmare - please help!]

OK. Thanks for your help. I think I will save docs, music, pics etc to an external drive and reformat.

[FBI Moneypak nightmare - please help!]

Do I need to finish cleaning to get data off before rebuilding??

[FBI Moneypak nightmare - please help!]

OK - here are the logs you asked for:

RKill

Rkill 2.4.5 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/04/2013 06:46:04 AM in x86 mode.

Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* wdmaud [Missing Service]

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\drivers\mqac.sys [NoSig]

+-> C:\WINDOWS\$hf_mig$\KB971032\SP2QFE\mqac.sys : 91,776 : 06/22/2009 00:30 AM : 9229e191fe206628be17d1e67a5faed9 [Pos Repl]

+-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92,544 : 04/13/2008 00:39 AM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]

+-> C:\WINDOWS\system32\dllcache\mqac.sys : 91,776 : 06/22/2009 00:48 AM : eee50bf24caeedb515a8f3b22756d3bb [Pos Repl]

* C:\WINDOWS\System32\drivers\ntfs.sys [NoSig]

+-> C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys : 574,592 : 08/04/2004 00:00 AM : b78be402c3f63dd55521f73876951cdd [Pos Repl]

+-> C:\WINDOWS\ServicePackFiles\i386\ntfs.sys : 574,976 : 04/13/2008 00:15 AM : 78a08dd6a8d65e697c18e1db01c5cdca [Pos Repl]

* C:\WINDOWS\System32\ntoskrnl.exe [NoSig]

+-> C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe : 2,192,768 : 12/09/2010 00:43 AM : a531bbd3de13121c1380ed7dc99082db [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe : 2,192,768 : 10/25/2011 00:34 AM : f512c662874d7545e5bd8005e6800a44 [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe : 2,192,640 : 04/11/2012 00:22 AM : 8d061bb825bc606c2b1c6f7452d1baaa [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe : 2,192,640 : 05/04/2012 00:20 AM : 099a0f80a563ebe935f4a9750f96c219 [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB2724197\SP3QFE\ntoskrnl.exe : 2,193,024 : 08/21/2012 00:48 AM : eca5980e1a78dbf9cb7f49f76791c0d1 [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB914882\SP2QFE\ntoskrnl.exe : 2,180,992 : 02/20/2006 08:01 PM : df4d09b676964646fa166a78c816b4c3 [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe : 2,186,112 : 02/06/2009 08:32 AM : 6a936e9d7badaf3caaeed1e1966ec1b0 [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe : 2,189,056 : 02/06/2009 08:08 AM : 7a95b10a73737ebf24139aaa63f5212b [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe : 2,189,184 : 02/07/2009 06:35 PM : efe8eace83eaad5849a7a548fb75b584 [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe : 2,186,880 : 02/16/2010 06:37 AM : 97e2bf68857818a4d142b872404dc41b [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe : 2,189,952 : 02/17/2010 06:10 AM : d41c3cbad0e1c0728d1cdfd541f60cfa [Pos Repl]

+-> C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe : 2,190,080 : 02/16/2010 06:52 AM : e1f653a542449d54fa2d27463d99b6b6 [Pos Repl]

+-> C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe : 2,137,088 : 02/16/2010 00:17 AM : a63052fa8fb8685382e10ee83c326864 [Pos Repl]

+-> C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe : 2,192,896 : 08/21/2012 00:29 AM : 49fb9f4a7ce25b82b1e00c402783f5c5 [Pos Repl]

+-> C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe : 2,188,928 : 04/13/2008 00:27 AM : 0c89243c7c3ee199b96fcc16990e0679 [Pos Repl]

+-> C:\WINDOWS\system32\dllcache\ntoskrnl.exe : 2,192,896 : 08/21/2012 00:29 AM : 49fb9f4a7ce25b82b1e00c402783f5c5 [Pos Repl]

Checking HOSTS File:

* Cannot edit the HOSTS file.

* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost

::1 localhost

Program finished at: 01/04/2013 06:47:04 AM

Execution time: 0 hours(s), 0 minute(s), and 59 seconds(s)

Malware QuickScan

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.04.05

Windows XP Service Pack 2 x86 NTFS

Internet Explorer 6.0.2900.2180

Lisa :: LISA-8CECD1EA3A [administrator]

1/4/2013 6:50:24 AM

mbam-log-2013-01-04 (06-50-24).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 331175

Time elapsed: 27 minute(s), 11 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 11

C:\Documents and Settings\Keith\Local Settings\Temp\XPI1KI.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\jar_cache4299583501108188422.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nsg113.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nsh2B.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nsp2F.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nsr5.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nss5.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nst2A.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nst2C.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nswDB.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

C:\Documents and Settings\Keith\Local Settings\Temp\nsz2E.tmp\ghfwudvn.dll (Trojan.Happili) -> Quarantined and deleted successfully.

(end)

DDS

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Lisa at 7:36:45 on 2013-01-04

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.508 [GMT -8:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

AV: Antivirus Smart Protection *Enabled/Updated* {309568B9-1E0B-4A95-89C3-05D944E6AD20}

FW: Antivirus Smart Protection *Enabled*

.

============== Running Processes ================

.

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\ntvdm.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

TCP: NameServer = 10.0.0.1

TCP: Interfaces\{0FCFDAA6-EB8F-4783-B326-D16F89D9AFD1} : DHCPNameServer = 10.0.0.1

mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "c:\progra~1\outlook express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "c:\progra~1\outlook express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

.

============= SERVICES / DRIVERS ===============

.

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-3 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-3 682344]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-3 21104]

.

=============== Created Last 30 ================

.

2013-01-03 21:16:50 -------- d--h--w- c:\windows\PIF

2013-01-03 20:09:29 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-03 15:33:41 -------- d-----w- c:\docume~1\lisa~1.lis\applic~1\Malwarebytes

2013-01-03 15:29:28 -------- d-----w- c:\docume~1\lisa~1.lis\local settings\application data\Mozilla

2013-01-02 21:52:42 -------- d-----w- c:\windows\pss

2013-01-02 20:31:10 -------- d-----w- c:\docume~1\alluse~1\application data\Spybot - Search & Destroy

2013-01-02 20:30:47 15224 ----a-w- c:\windows\system32\sdnclean.exe

2013-01-02 20:30:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2013-01-02 19:36:33 -------- d-sh--w- C:\$RECYCLE.BIN

2012-12-18 18:07:36 6812136 ----a-w- c:\docume~1\alluse~1\application data\microsoft\microsoft antimalware\definition updates\{9f9160ae-0915-40ad-a29a-2dd4c191ca7e}\mpengine.dll

2012-12-18 06:25:48 192728 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe

2012-12-17 18:04:27 6812136 ----a-w- c:\docume~1\alluse~1\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

.

==================== Find3M ====================

.

2013-01-02 19:38:54 574464 --s-a-w- c:\windows\system32\drivers\ntfs.sys

2013-01-02 19:38:51 2139256 --s-a-w- c:\windows\system32\ntoskrnl.exe

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll

2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec

.

============= FINISH: 7:37:01.62 ===============

[FBI Moneypak nightmare - please help!]

Had to reinstall drivers to get internet access.

Following other instructions now.

[FBI Moneypak nightmare - please help!]

Maniac,

Thanks for the reply. I followed the instructions and posted the 2 text logs. Last Malwarebytes quickscan was clean. FYI - my network adapter drivers were gone (disabled?) too.

[FBI Moneypak nightmare - please help!]

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Lisa at 13:16:58 on 2013-01-03

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.563 [GMT -8:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

AV: Antivirus Smart Protection *Enabled/Updated* {309568B9-1E0B-4A95-89C3-05D944E6AD20}

FW: Antivirus Smart Protection *Enabled*

.

============== Running Processes ================

.

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\ntvdm.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

.

============== Pseudo HJT Report ===============

.

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

TCP: NameServer = 10.10.100.10 10.10.100.11

TCP: Interfaces\{0FCFDAA6-EB8F-4783-B326-D16F89D9AFD1} : DHCPNameServer = 10.10.100.10 10.10.100.11

mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "c:\progra~1\outlook express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "c:\progra~1\outlook express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

.

============= SERVICES / DRIVERS ===============

.

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-3 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-3 682344]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-3 21104]

.

=============== Created Last 30 ================

.

2013-01-03 21:16:50 -------- d--h--w- c:\windows\PIF

2013-01-03 20:09:29 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-03 15:33:41 -------- d-----w- c:\docume~1\lisa~1.lis\applic~1\Malwarebytes

2013-01-03 15:29:28 -------- d-----w- c:\docume~1\lisa~1.lis\local settings\application data\Mozilla

2013-01-02 21:52:42 -------- d-----w- c:\windows\pss

2013-01-02 20:31:10 -------- d-----w- c:\docume~1\alluse~1\application data\Spybot - Search & Destroy

2013-01-02 20:30:47 15224 ----a-w- c:\windows\system32\sdnclean.exe

2013-01-02 20:30:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2013-01-02 19:36:33 -------- d-sh--w- C:\$RECYCLE.BIN

2012-12-18 18:07:36 6812136 ----a-w- c:\docume~1\alluse~1\application data\microsoft\microsoft antimalware\definition updates\{9f9160ae-0915-40ad-a29a-2dd4c191ca7e}\mpengine.dll

2012-12-18 06:25:48 192728 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe

2012-12-17 18:04:27 6812136 ----a-w- c:\docume~1\alluse~1\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

.

==================== Find3M ====================

.

2013-01-02 19:38:54 574464 --s-a-w- c:\windows\system32\drivers\ntfs.sys

2013-01-02 19:38:51 2139256 --s-a-w- c:\windows\system32\ntoskrnl.exe

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll

2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec

.

============= FINISH: 13:17:35.64 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 7/21/2011 4:29:24 PM

System Uptime: 1/3/2013 12:32:03 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0WJ770

Processor: Intel® Pentium® 4 CPU 3.06GHz | Microprocessor | 3059/533mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 298 GiB total, 241.344 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 53 GiB total, 3.8 GiB free.

F: is FIXED (NTFS) - 18 GiB total, 17.948 GiB free.

G: is Removable

H: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Video Controller (VGA Compatible)

Device ID: PCI\VEN_8086&DEV_2582&SUBSYS_01C41028&REV_04\3&172E68DD&0&10

Manufacturer:

Name: Video Controller (VGA Compatible)

PNP Device ID: PCI\VEN_8086&DEV_2582&SUBSYS_01C41028&REV_04\3&172E68DD&0&10

Service:

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: PCI Device

Device ID: PCI\VEN_8086&DEV_2668&SUBSYS_01C41028&REV_04\3&172E68DD&0&D8

Manufacturer:

Name: PCI Device

PNP Device ID: PCI\VEN_8086&DEV_2668&SUBSYS_01C41028&REV_04\3&172E68DD&0&D8

Service:

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: PCI Simple Communications Controller

Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200F14F1&REV_00\4&10BD256C&0&10F0

Manufacturer:

Name: PCI Simple Communications Controller

PNP Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200F14F1&REV_00\4&10BD256C&0&10F0

Service:

.

==== System Restore Points ===================

.

RP1: 1/2/2013 3:01:40 PM - System Checkpoint

.

==== Installed Programs ======================

.

Intel® PRO Network Connections Drivers

Malwarebytes Anti-Malware version 1.70.0.1100

.

==== Event Viewer Messages From Past Week ========

.

1/2/2013 9:46:44 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

1/2/2013 7:05:32 AM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

1/2/2013 12:31:12 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

1/2/2013 12:31:12 PM, error: Service Control Manager [7000] - The Spybot-S&D 2 Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/2/2013 12:30:46 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde

1/1/2013 4:42:17 PM, error: Dhcp [1002] - The IP address lease 10.0.0.6 for the Network Card with network address 001676AB59B0 has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

.

==== End Of File ===========================

[FBI Moneypak nightmare - please help!]

I was infected with the fbi moneypak virus. Couldn't do anything and couldn't boot in safe mode. Using a Spotmau BootSuite cd I was able to get the computer to boot up and run Malwarebytes. It found numerous threats and I removed them - before I found the forum.

Current scan is clean and computer will boot normally and seems fine. It still will NOT boot in safe mode. All attempts to boot in any form of safe mode generate a "Fatal System Error" and blue screen. Doesn't seem like all is fixed if this doesn't work. Should I be worried??

Thanks for any assistance!