xpdx.sys detected-"fix" causes reboot

scomage · Jun 10, 2008

Hello,
I am running XP Pro SP2. My system was rebooting with a bugcheck every few days. I had scanned it with Spybot 1.4 and McAfee and found nothing. I recently updated to Spybot 1.5.2 and the scan found xpdx.sys. When I tried to fix it, the system rebooted. I haven't tried safe mode yet, but reading some other forums, I'm not sure that will work. I was hoping for information in this forum, but I didn't see any. Does anyone have any more info on this bug?

md usa spybot fan · Jun 10, 2008

scomage:

The file xpdx.sys can be associated with various Trojans. It may help if you posted the actual detection that you received. To do that:

Run another scan.
When the scan completes, right click on the results list, select "Copy results to clipboard".
Then paste (Ctrl+V) those results to a new post in this thread.

scomage · Jun 11, 2008

Requested files

Here is the file before clicking fix:

--- Search result list ---
Win32.Tiny.abk: [SBI $B157D529] System file (File, nothing done)
F:\WINDOWS\system32\xpdx.sys

--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---

2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2007-08-09 unins000.exe (51.41.0.0)
2008-06-09 unins001.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-06-03 Includes\Adware.sbi (*)
2008-06-03 Includes\AdwareC.sbi (*)
2008-06-03 Includes\Cookies.sbi (*)
2008-06-03 Includes\Dialer.sbi (*)
2008-06-03 Includes\DialerC.sbi (*)
2008-06-03 Includes\HeavyDuty.sbi (*)
2008-06-04 Includes\Hijackers.sbi (*)
2008-06-03 Includes\HijackersC.sbi (*)
2008-06-03 Includes\Keyloggers.sbi (*)
2008-06-03 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-06-03 Includes\Malware.sbi (*)
2008-06-03 Includes\MalwareC.sbi (*)
2008-06-03 Includes\PUPS.sbi (*)
2008-06-03 Includes\PUPSC.sbi (*)
2007-11-07 Includes\Revision.sbi (*)
2008-06-03 Includes\Security.sbi (*)
2008-06-03 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2008-06-03 Includes\Spyware.sbi (*)
2008-06-03 Includes\SpywareC.sbi (*)
2008-06-03 Includes\Tracks.uti
2008-06-03 Includes\Trojans.sbi (*)
2008-06-03 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

--- System information ---
Windows XP (Build: 2600) Service Pack 2 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB936782)
/ Windows Media Player 11: Hotfix for Windows Media Player 11 (KB939683)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows Media Player 9: Security Update for Windows Media Player 9 (KB917734)
/ Windows Presentation Foundation: This Hotfix is for Microsoft .NET Framework 3.0. \n
If you later install a more recent service pack, this Hotfix will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/932471
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Hotfix for Windows XP (KB896344)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Update for Windows XP (KB920342)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921503)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Update for Windows XP (KB925720)
/ Windows XP / SP3: Update for Windows XP (KB925876)
/ Windows XP / SP3: Security Update for Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Update for Windows XP (KB927891)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Security Update for Windows XP (KB929123)
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Update for Windows XP (KB931836)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)
/ Windows XP / SP3: Update for Windows XP (KB933360)
/ Windows XP / SP3: Security Update for Windows XP (KB933566)
/ Windows XP / SP3: Security Update for Windows XP (KB933729)
/ Windows XP / SP3: Security Update for Windows XP (KB935839)
/ Windows XP / SP3: Security Update for Windows XP (KB935840)
/ Windows XP / SP3: Security Update for Windows XP (KB936021)
/ Windows XP / SP3: Security Update for Windows XP (KB937894)
/ Windows XP / SP3: Security Update for Windows XP (KB938127)
/ Windows XP / SP3: Update for Windows XP (KB938828)
/ Windows XP / SP3: Security Update for Windows XP (KB938829)
/ Windows XP / SP3: Security Update for Windows XP (KB939653)
/ Windows XP / SP3: Security Update for Windows XP (KB941202)
/ Windows XP / SP3: Security Update for Windows XP (KB941568)
/ Windows XP / SP3: Security Update for Windows XP (KB941644)
/ Windows XP / SP3: Security Update for Windows XP (KB942615)
/ Windows XP / SP3: Update for Windows XP (KB942763)
/ Windows XP / SP3: Update for Windows XP (KB942840)
/ Windows XP / SP3: Security Update for Windows XP (KB943460)
/ Windows XP / SP3: Security Update for Windows XP (KB943485)
/ Windows XP / SP3: Security Update for Windows XP (KB944653)
/ XML Paper Specification Shared Components Pack 1.0: XML Paper Specification Shared Components Pack 1.0

--- Startup entries list ---
Located: HK_LM:Run, mcagent_exe
command: F:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
file: F:\Program Files\McAfee.com\Agent\mcagent.exe
size: 582992
MD5: 9405B452064BFA6A0F78E2F177A988A4

Located: HK_LM:Run, SiteAdvisor
command: "F:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
file: F:\Program Files\SiteAdvisor\6261\SiteAdv.exe
size: 35992
MD5: 6A4C65612DB8B61C21A86308EFDE3536

Located: HK_LM:Run, Acronis Scheduler2 Service (DISABLED)
command: "F:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
file: F:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
size: 90112
MD5: 9F562956D4EF883EAC1BD7E811957D3C

Located: HK_LM:Run, Acronis*True*Image Monitor (DISABLED)
command: "F:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe"
file: F:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
size: 423342
MD5: 01FFE4886C52BEE757AC8688CD054E8F

Located: HK_LM:Run, Adobe Reader Speed Launcher (DISABLED)
command: "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F

Located: HK_LM:Run, BkupTray (DISABLED)
command: "F:\Program Files\NewTech Infosystems\BkupTray.exe"
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, CanonMyPrinter (DISABLED)
command: F:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
file: F:\Program Files\Canon\MyPrinter\BJMyPrt.exe
size: 1197648
MD5: B3540F5D4D772B87062E06B971951BD8

Located: HK_LM:Run, eFax 4.3 (DISABLED)
command: "F:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe" /R
file: F:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe
size: 116224
MD5: 55C9DD19EDC545BC44FD32BC80B12831

Located: HK_LM:Run, KernelFaultCheck (DISABLED)
command: %systemroot%\system32\dumprep 0 -k
file: F:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: 13922EB54890C77005268882629A31FE

Located: HK_LM:Run, NeroFilterCheck (DISABLED)
command: F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
file: F:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
size: 153136
MD5: 8112D0DACAE746290FC87B3A980FA719

Located: HK_LM:Run, NovaBackup 7 Tray Control (DISABLED)
command: "F:\Program Files\NovaStor\NovaBACKUP\NbkCtrl.exe"
file: F:\Program Files\NovaStor\NovaBACKUP\NbkCtrl.exe
size: 417792
MD5: 7699397E1C9541AED765C315FFB63B63

Located: HK_LM:Run, NTI Open File Manager (DISABLED)
command: "F:\Program Files\NTI Open File Manager\fileAccessManager.exe"
file: F:\Program Files\NTI Open File Manager\fileAccessManager.exe
size: 812304
MD5: AE33DC887EA5820ED51D2B827F9CA05A

Located: HK_LM:Run, Picasa Media Detector (DISABLED)
command: F:\Program Files\Picasa2\PicasaMediaDetector.exe
file: F:\Program Files\Picasa2\PicasaMediaDetector.exe
size: 443968
MD5: 03463803AE9386EB095FFFD8DD26B85B

Located: HK_LM:Run, PinnacleDriverCheck (DISABLED)
command: F:\WINDOWS\system32\\PSDrvCheck.exe
file: F:\WINDOWS\system32\\PSDrvCheck.exe
size: 406016
MD5: 39D31D333C39CAA9A13B738804B43284

Located: HK_LM:Run, QuickTime Task (DISABLED)
command: "F:\Program Files\QuickTime\qttask.exe" -atboottime
file: F:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: 76A3A30B58405C2C6D833895253A51A9

Located: HK_LM:Run, RemoteControl (DISABLED)
command: "F:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
file: F:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
size: 32768
MD5: 1EEA64D8599B5B7BD8721498E4019CF0

Located: HK_LM:Run, Smapp (DISABLED)
command: F:\Program Files\Analog Devices\SoundMAX\SMTray.exe
file: F:\Program Files\Analog Devices\SoundMAX\SMTray.exe
size: 143360
MD5: 2D765E811B6FFEA9F91D4425E34B8461

Located: HK_LM:Run, TkBellExe (DISABLED)
command: "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: F:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185632
MD5: 59F017B88EA635E374247946B7AB7BF4

Located: HK_LM:Run, VTTimer (DISABLED)
command: VTTimer.exe
file: F:\WINDOWS\system32\VTTimer.exe
size: 36864
MD5: F6E960D1B2EF9CEF7876743E864F12AE

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-484763869-1202660629-839522115-1003...
command: F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2097488
MD5: A9A5DB6AC3721BE698B996913693D73F

Located: HK_CU:Run, BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} (DISABLED)
where: S-1-5-21-484763869-1202660629-839522115-1003...
command: "F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
file: F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
size: 153136
MD5: 59D9856CD1420E2AF778821B7E1B81D0

Located: HK_CU:Run, ctfmon.exe (DISABLED)
where: S-1-5-21-484763869-1202660629-839522115-1003...
command: F:\WINDOWS\system32\ctfmon.exe
file: F:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8

Located: HK_CU:Run, Handy Backup (DISABLED)
where: S-1-5-21-484763869-1202660629-839522115-1003...
command: F:\Program Files\Novosoft\Handy Backup\hbagent.exe -logon
file: F:\Program Files\Novosoft\Handy Backup\hbagent.exe
size: 3066968
MD5: 194F82B3F81E0B129CD994EC8120145B

Located: HK_CU:Run, MSMSGS (DISABLED)
where: S-1-5-21-484763869-1202660629-839522115-1003...
command: "F:\Program Files\Messenger\msmsgs.exe" /background
file: F:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259

Located: HK_CU:Run, PowerBar (DISABLED)
where: S-1-5-21-484763869-1202660629-839522115-1003...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, Skype (DISABLED)
where: S-1-5-21-484763869-1202660629-839522115-1003...
command: "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_CU:Run, swg (DISABLED)
where: S-1-5-21-484763869-1202660629-839522115-1003...
command: F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE

Located: HK_CU:Run, tunebite.exe (DISABLED)
where: S-1-5-21-484763869-1202660629-839522115-1003...
command: F:\Program Files\Tunebite\tunebite.exe -tray
file: F:\Program Files\Tunebite\tunebite.exe
size: 2846720
MD5: 8DE30F640FFC260FA08DFA9735A0C430

Located: Startup (common), eFax 4.3.lnk (DISABLED)
where: F:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: F:\Program Files\eFax Messenger 4.3\J2GTray.exe
file: F:\Program Files\eFax Messenger 4.3\J2GTray.exe
size: 629248
MD5: 5468E1F70EE015E3EBDE3760F2FABCFE

Located: Startup (common), Google Updater.lnk (DISABLED)
where: F:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: F:\Program Files\Google\Google Updater\GoogleUpdater.exe
file: F:\Program Files\Google\Google Updater\GoogleUpdater.exe
size: 125624
MD5: 785478C1E612CDC7D2117A14C2304EBF

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Terminator · Jun 11, 2008

See HERE for more information on Win32.Tiny.abk.

Please note that XP Service Pack 3 is now avaliable and it is advisable that you install it once your current problem is sorted.

scomage · Jun 11, 2008

How Do I Remove It?

There is a lot of information at that link, but there is no information how to remove it. I already know it is a root kit with hidden files. I have tried to delete it in safe mode, but I get a message the file does not exist even though I can see it in explorer. Please just point me to any available information to remove it. I came to this forum instead of doing a general search because I trust Spybot, but if you don't have a solution let me know.

Terminator · Jun 12, 2008

One of the people in the link I gave you only managed to rid his system of this pest by formating his Hard Drive:sad: which should ONLY be done if all else fails.

I'm afraid I have no other advice to offer you:sad:.

md usa spybot fan · Jun 12, 2008

scomage:

I suggest you consider posting in the Malware Removal forum and having someone take a look at your system.

If you decide to have an experienced malware removal specialist assist you, please follow the procedure in this link to run scans and produce a HijackThis log:

"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance).

After you have completed the required scans and produced the requested logs, start your own thread in the Malware Removal forum, making sure to post the logs produced from the above instructions.

xpdx.sys detected-"fix" causes reboot

scomage

New member

md usa spybot fan

Spybot Advisor Team [Retired]

scomage

New member

Terminator

New member

scomage

New member

Terminator

New member

md usa spybot fan

Spybot Advisor Team [Retired]