PC Antispyware 2010


3 replies to this topic

#1 agaetisbyrjun22


Posted 27 August 2009 - 11:32 PM

I recently discovered PC antispyware 2010 was taking up residence on my laptop, as well as what seems to be a google redirect virus (which I thought I had taken care of previously), what appears to be AntiSpy Protector 2009 and something which asks me to install IE and Flash player. Of course, the virus prevents me from running Malware Bytes, Spybot and all other antivirus programs.

After seeing the post on the homepage of the site about each case of AntiSpy Protector 2009 being unique I thought I'd post my logs here. Neither DDS, RSIT, nor HijackThis will run, but RootRepeal gave me this:


ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/28 00:27
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================



Any help would be great



#2 agaetisbyrjun22


Posted 28 August 2009 - 01:58 PM

anyone?....anyone?.....Bueller?

Hello agaetisbyrjun22,

While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large, as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.

Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, you wouldn't want someone to assist you who is not familiar with your issue and attempt to fix it, would you?

We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.

Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.

Thank you for understanding.

Regards,

The weatherman
(Moderator)

Edited by The weatherman, 28 August 2009 - 05:57 PM.


#3 SifuMike


Posted 01 September 2009 - 09:22 PM

Hello agaetisbyrjun22,


Let's begin.....

Download and run Win32kDiag:

Next......


Download and run a batch file (peek.bat):
  • Download peek.bat from the download link below and save it to your Desktop.
  • Double-click peek.bat to run it. A black Command Prompt window will appear shortly: the program is running.
  • Once it is finished, copy and paste the entire contents of the Log.txt file it creates as a reply to this post.
==========

With your next post please provide:

* Win32kDiag.txt
* Log.txt
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!




Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#4 SifuMike


Posted 10 September 2009 - 08:22 PM

This thread will now be closed due to lack of feedback.



