Jump to content

Infected - Help Please!


Akara1
 Share

Recommended Posts

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pml Driver HPZ12]

"Type"=dword:00000010

"Start"=dword:00000002

"ErrorControl"=dword:00000001

"ImagePath"=hex(2):43,00,3a,00,5c,00,57,00,49,00,4e,00,44,00,4f,00,57,00,53,00,\

5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,48,00,50,00,5a,\

00,69,00,70,00,6d,00,31,00,32,00,2e,00,65,00,78,00,65,00,00,00

"DisplayName"="Pml Driver HPZ12"

"ObjectName"="LocalSystem"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pml Driver HPZ12\Security]

"Security"=hex:01,00,14,80,60,00,00,00,6c,00,00,00,14,00,00,00,30,00,00,00,02,\

00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\

00,00,02,00,30,00,02,00,00,00,01,00,14,00,02,00,0c,00,01,01,00,00,00,00,00,\

01,00,00,00,00,00,00,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,\

01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pml Driver HPZ12\Enum]

"0"="Root\\LEGACY_PML_DRIVER_HPZ12\\0000"

"Count"=dword:00000001

"NextInstance"=dword:00000001

Link to post
Share on other sites

OK, please try this............

Copy all the text in the code box into notepad.

Save it as fix.reg

Save as file type > All files

Save it to your desktop

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pml Driver HPZ12]
"Start"=dword:00000004

If you did it right it will look like this except with a different name:

ScreenShot-crop.jpg

Now double click on it and allow it to merge into the registry.

Reboot and see if you can fix msconfig now.

MrC

Link to post
Share on other sites

No you don't what SAS running.

Open it up and click on Preferences > General and Startup > uncheck > "Start SAS when Windows starts"

------------------------------

Please Uninstall ComboFix:

Go to start > run and copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

cf2.jpg

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

-----------------------------

Please do this:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

MrC

Link to post
Share on other sites

Results of screen317's Security Check version 0.99.5

Windows XP Service Pack 3

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

ESET Online Scanner v3

Symantec AntiVirus

Antivirus up to date!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 14

Java 6 Update 2

Java 6 Update 3

Java 6 Update 5

Java 6 Update 7

Out of date Java installed!

Adobe Flash Player 10.1.82.76

Adobe Reader 9

Out of date Adobe Reader installed!

Mozilla Firefox (3.6.6) Firefox Out of Date!

Mozilla Thunderbird (3.1.3)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Symantec AntiVirus DefWatch.exe

Symantec AntiVirus Rtvscan.exe

````````````````````````````````

DNS Vulnerability Check:

GOOD! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

Link to post
Share on other sites

You have to install a better firewall then Windows.

I suggest you try PCTools, that's what I've been using.

You are certainly welcome to use any other firewall you prefer, there's several listed in My Preventive Maintenance.

-------------------------------------

Your Java is out of date, older versions are vulnerable to malware.

Please go to your control panels add/remove programs and uninstall any Java and then download and install the latest version.

Java

Link to post
Share on other sites

  • 2 weeks later...
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.