tuneup utilities 2012


7 replies to this topic

#1 tnspeck

Posted 01 February 2012 - 04:10 PM

I downloaded tuneup utilities in January of 2012 and now am having problems with my computer. I am running Windows XP with Service Pack 3 on a Dell Dimension 4600. After trying to uninstall tuneup utilities I cannot do a system restore (normal or safe mode), mouse and keyboard trouble, must click on everything twice to open something from a web page, trying to download new programs such as Adobe Reader, etc. I am also having trouble with Internet Explorer not allowing me to open up new windows and most of the time I get an error stating that my internet connection is lost when I am supposed to be constantly linked to the internet. I also had some trouble trying to get search results on your website as well as signing in. I tried to get into PayPal and it would not let me, saying I had the wrong name/password which was checked, checked, checked and rechecked. My computer is a mess and I really need some help. I also downloaded this program to my laptop and now cannot do a system restore on there as well. I was wondering if we could fix my pc and then work on the laptop?

I have tried running Malwarebytes, AVG free edition and SUPERAntiSpyware (all with newest updates) and still have had no success. Also when I run AVG rootkit scan it comes up with one rootkit but it cannot be removed. I don't know if this is the problem but I thought I would share this with you as well.

PLEASE HELP!!!!!!!!!!!!! Any help that you could give me would be greatly appreciated.

Thanks

Teresa

Edited by tnspeck, 01 February 2012 - 04:20 PM.



#2 cryptodan

Posted 01 February 2012 - 04:31 PM

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:

• Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.

• Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.

• Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

• Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.

• The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.

#3 tnspeck

Posted 03 February 2012 - 08:19 PM

So what do I do now?

please ignore, posted to wrong site

Edited by tnspeck, 03 February 2012 - 08:22 PM.


#4 cryptodan

Posted 03 February 2012 - 09:34 PM

Hello,

And welcome to BleepingComputer.com, before we can assist you with your question of: Am I infected? You will need to perform the following tasks and post the logs of each if you can.

Malwarebytes Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Instructions:

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.



#5 tnspeck

Posted 06 February 2012 - 01:00 PM

Here are the reports that you asked for. Sorry for taking so long but I had trouble with one of the programs. Hopefully we can do something with this computer!!!!!!! I also wanted you to know that when trying to download superantispyware when I tried to go into safe mode, both my keyboard and mouse would not work. I am also having trouble with my internet saying that I need to diagnose my connection but I have continuous internet and when I check my internet connection I am still connected.



Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.05.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Teresa :: SPECKNT [administrator]

2/5/2012 13:26:08
mbam-log-2012-02-05 (13-26-08).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 291248
Time elapsed: 1 hour(s), 43 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/06/2012 at 01:55 AM

Application Version : 5.0.1144

Core Rules Database Version : 8197
Trace Rules Database Version: 6009

Scan type : Complete Scan
Total Scan Time : 01:31:36

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 510
Memory threats detected : 0
Registry items scanned : 22544
Registry threats detected : 0
File items scanned : 74127
File threats detected : 1

Adware.Tracking Cookie
C:\Documents and Settings\Teresa\Cookies\769UNNR2.txt [ /mywebsearch.com ]

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-05 19:40:11
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800BB-75FRA0 rev.77.07W77
Running: dx5p9s09.exe; Driver: C:\DOCUME~1\Teresa\LOCALS~1\Temp\uxldypog.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB7331F3C]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xB7BEE640]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB7332080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB733211C]

Code \WINDOWS\system32\ntoskrnl.exe[PAGEVRFY] [806750A5] pIofCallDriver
Code \WINDOWS\system32\ntoskrnl.exe[PAGEVRFY] [806757AF] pIofCompleteRequest

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xB940F360, 0x37388D, 0xE8000020]
? C:\DOCUME~1\Teresa\LOCALS~1\Temp\uxldypob.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[2968] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] [8067789A] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!IofCallDriver] [806750A5] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] [80675210] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] [80676E31] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!MmUnmapLockedPages] [80675CAE] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!MmMapIoSpace] [80676D2A] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!MmUnmapIoSpace] [80675D03] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!IoGetDmaAdapter] [8067A308] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!MmProbeAndLockPages] [80676BAD] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!MmUnlockPages] [80675C51] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!KeSetEvent] [8067620F] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!KeInitializeMutex] [8067677E] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!ExFreePoolWithTag] [806761DF] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!IofCompleteRequest] [806757AF] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!KeInitializeSpinLock] [8067681F] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] [806763AF] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] [80676402] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!KeSynchronizeExecution] [806777D1] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!IoInitializeTimer] [8067528B] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!KeWaitForSingleObject] [806766C4] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!KeReleaseMutex] [80676755] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] [8067684B] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[HAL.dll!KeQueryPerformanceCounter] [806784D5] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[HAL.dll!KfRaiseIrql] [80677673] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[HAL.dll!KfLowerIrql] [80677713] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[HAL.dll!KfAcquireSpinLock] [806774D3] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[HAL.dll!KfReleaseSpinLock] [80677549] \WINDOWS\system32\ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

---- EOF - GMER 1.0.15 ----

#6 cryptodan

Posted 06 February 2012 - 01:32 PM

Please download TDSSKiller and run it. If it asks you to fix anything, then PLEASE DO NOT FIX ANYTHING and post the resulting log that is available in the C:\.
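
A way to triage the kind of log requested above before anything is "fixed", as an added example that is not part of the original thread and not the tool's own code. It assumes the `time thread name (md5) path` / `name - verdict` line layout that TDSSKiller 2.7.9.0 writes; the `exampledrv` entry and its verdict text are constructed placeholders, and the sample is cut short on purpose to show how a truncated paste is reported.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Every log line: "HH:MM:SS.mmmm <thread id> <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*\S)\s*$")
# "<service> (<md5>) <image path>"
FILE = re.compile(r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# "<service> - <verdict>"
VERDICT = re.compile(r"^(?P<name>.+?)\s+-\s+(?P<verdict>.+)$")


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None


def parse_scan(log_text):
    """Return {service name: Entry} for lines after 'Scan started'."""
    entries = {}
    in_scan = False
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank line or timestamp with no message
        body = m.group(1)
        if not in_scan:
            # Header lines (drive geometry etc.) also contain " - ",
            # so nothing is parsed until the scan section begins.
            in_scan = body == "Scan started"
            continue
        f = FILE.match(body)
        if f:
            e = entries.setdefault(f["name"], Entry(f["name"]))
            e.md5, e.path = f["md5"].lower(), f["path"]
            continue
        v = VERDICT.match(body)
        if v:
            entries.setdefault(v["name"], Entry(v["name"])).verdict = v["verdict"]
    return entries


def triage(entries):
    """Split entries into what a helper needs to look at first."""
    report = {"review": [], "no_file": [], "no_verdict": []}
    for e in entries.values():
        if e.verdict is None:
            # File line present but the verdict never arrived: truncated log.
            report["no_verdict"].append(e.name)
        elif e.verdict.lower() != "ok":
            report["review"].append((e.name, e.verdict, e.path))
        elif e.path is None:
            # The log recorded no image path or hash for this service.
            report["no_file"].append(e.name)
    return report


# Constructed sample: real layout, placeholder 'exampledrv' entry, cut short.
SAMPLE = r"""
22:28:54.0906 1108 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb)
22:46:08.0062 1272 ============================================================
22:46:08.0062 1272 Scan started
22:46:08.0062 1272 Mode: Manual;
22:46:09.0109 1272 Abiosdsk - ok
22:46:09.0718 1272 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:46:09.0718 1272 ACPI - ok
22:46:10.0100 1272 exampledrv (00000000000000000000000000000000) C:\WINDOWS\system32\drivers\exampledrv.sys
22:46:10.0100 1272 exampledrv - detected EXAMPLE-VERDICT (constructed)
22:46:14.0250 1272 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
"""

if __name__ == "__main__":
    result = triage(parse_scan(SAMPLE))
    for name, verdict, path in result["review"]:
        print(f"REVIEW  {name}: {verdict} [{path}]")
    print("no file recorded:", ", ".join(result["no_file"]) or "-")
    print("log cut off before verdict:", ", ".join(result["no_verdict"]) or "-")
```

A non-empty `no_verdict` list means the paste is incomplete and the full log should be requested again before drawing conclusions.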

#7 tnspeck

Posted 06 February 2012 - 11:13 PM

22:28:52.0406 1108 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
22:28:52.0703 1108 ============================================================
22:28:52.0718 1108 Current date / time: 2012/02/06 22:28:52.0703
22:28:52.0718 1108 SystemInfo:
22:28:52.0718 1108
22:28:52.0718 1108 OS Version: 5.1.2600 ServicePack: 3.0
22:28:52.0718 1108 Product type: Workstation
22:28:52.0718 1108 ComputerName: SPECKNT
22:28:52.0718 1108 UserName: Teresa
22:28:52.0718 1108 Windows directory: C:\WINDOWS
22:28:52.0718 1108 System windows directory: C:\WINDOWS
22:28:52.0718 1108 Processor architecture: Intel x86
22:28:52.0718 1108 Number of processors: 2
22:28:52.0718 1108 Page size: 0x1000
22:28:52.0718 1108 Boot type: Normal boot
22:28:52.0718 1108 ============================================================
22:28:54.0906 1108 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:28:54.0906 1108 \Device\Harddisk0\DR0:
22:28:54.0906 1108 MBR used
22:28:54.0906 1108 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
22:28:54.0984 1108 Initialize success
22:28:54.0984 1108 ============================================================
22:46:08.0062 1272 ============================================================
22:46:08.0062 1272 Scan started
22:46:08.0062 1272 Mode: Manual;
22:46:08.0062 1272 ============================================================
22:46:32.0640 1272 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:46:32.0640 1272 intelppm - ok
22:46:32.0953 1272 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:46:32.0953 1272 ip6fw - ok
22:46:33.0312 1272 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:46:33.0312 1272 IpFilterDriver - ok
22:46:33.0640 1272 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:46:33.0640 1272 IpInIp - ok
22:46:34.0093 1272 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:46:34.0093 1272 IpNat - ok
22:46:34.0453 1272 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:46:34.0453 1272 IPSec - ok
22:46:34.0765 1272 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:46:34.0765 1272 IRENUM - ok
22:46:35.0156 1272 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:46:35.0156 1272 isapnp - ok
22:46:35.0500 1272 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:46:35.0500 1272 Kbdclass - ok
22:46:35.0828 1272 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:46:35.0828 1272 kbdhid - ok
22:46:36.0218 1272 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:46:36.0234 1272 kmixer - ok
22:46:36.0578 1272 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:46:36.0578 1272 KSecDD - ok
22:46:36.0890 1272 L8042Kbd (0c6e346cde730cf1356dd69ad6e9bc42) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
22:46:36.0890 1272 L8042Kbd - ok
22:46:37.0265 1272 LBeepKE (be2dc24d403643a2d1d98f33c7087b38) C:\WINDOWS\system32\Drivers\LBeepKE.sys
22:46:37.0265 1272 LBeepKE - ok
22:46:37.0531 1272 lbrtfdc - ok
22:46:37.0859 1272 LHidFilt (01cc7fb6e790ef044b411377f3a1ff41) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
22:46:37.0859 1272 LHidFilt - ok
22:46:38.0250 1272 LMouFilt (a2e7eae8898d7b4b8c302b8f4e836bb5) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
22:46:38.0250 1272 LMouFilt - ok
22:46:38.0562 1272 LUsbFilt (0c62957912d4df1e4ba9795e6be3ed38) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
22:46:38.0562 1272 LUsbFilt - ok
22:46:38.0921 1272 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:46:38.0937 1272 mnmdd - ok
22:46:39.0328 1272 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:46:39.0328 1272 Modem - ok
22:46:39.0640 1272 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
22:46:39.0640 1272 MODEMCSA - ok
22:46:39.0984 1272 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:46:40.0000 1272 Mouclass - ok
22:46:40.0359 1272 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:46:40.0359 1272 mouhid - ok
22:46:40.0687 1272 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:46:40.0687 1272 MountMgr - ok
22:46:40.0937 1272 mraid35x - ok
22:46:41.0296 1272 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:46:41.0296 1272 MRxDAV - ok
22:46:41.0750 1272 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:46:41.0765 1272 MRxSmb - ok
22:46:42.0093 1272 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:46:42.0093 1272 Msfs - ok
22:46:42.0406 1272 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:46:42.0406 1272 MSKSSRV - ok
22:46:42.0734 1272 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:46:42.0734 1272 MSPCLOCK - ok
22:46:43.0062 1272 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:46:43.0062 1272 MSPQM - ok
22:46:43.0453 1272 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:46:43.0453 1272 mssmbios - ok
22:46:43.0828 1272 MTK (7ba76ed9c7ef33b4c8c6041ce6c91a6e) C:\WINDOWS\system32\Drivers\fide.sys
22:46:43.0828 1272 MTK - ok
22:46:44.0437 1272 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:46:44.0437 1272 Mup - ok
22:46:44.0812 1272 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:46:44.0828 1272 NDIS - ok
22:46:45.0171 1272 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:46:45.0171 1272 NdisTapi - ok
22:46:45.0484 1272 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:46:45.0484 1272 Ndisuio - ok
22:46:45.0843 1272 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:46:45.0843 1272 NdisWan - ok
22:46:46.0203 1272 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:46:46.0203 1272 NDProxy - ok
22:46:46.0531 1272 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:46:46.0531 1272 NetBIOS - ok
22:46:46.0906 1272 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:46:46.0906 1272 NetBT - ok
22:46:47.0265 1272 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:46:47.0265 1272 Npfs - ok
22:46:47.0750 1272 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:46:47.0765 1272 Ntfs - ok
22:46:48.0062 1272 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:46:48.0062 1272 Null - ok
22:46:50.0406 1272 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:46:50.0468 1272 nv - ok
22:46:50.0828 1272 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:46:50.0828 1272 NwlnkFlt - ok
22:46:51.0187 1272 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:46:51.0187 1272 NwlnkFwd - ok
22:46:51.0531 1272 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
22:46:51.0531 1272 OMCI - ok
22:46:51.0906 1272 ossrv (c720c25b2d0c93dc425155f5b6a707f3) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
22:46:51.0906 1272 ossrv - ok
22:46:52.0656 1272 P16X (f051107ff80f132882e71e3a5d302ec1) C:\WINDOWS\system32\drivers\P16X.sys
22:46:52.0671 1272 P16X - ok
22:46:53.0078 1272 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:46:53.0078 1272 Parport - ok
22:46:53.0421 1272 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:46:53.0421 1272 PartMgr - ok
22:46:53.0734 1272 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:46:53.0734 1272 ParVdm - ok
22:46:54.0093 1272 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:46:54.0093 1272 PCI - ok
22:46:54.0437 1272 PCIDump - ok
22:46:54.0750 1272 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:46:54.0750 1272 PCIIde - ok
22:46:55.0078 1272 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:46:55.0078 1272 Pcmcia - ok
22:46:55.0359 1272 PDCOMP - ok
22:46:55.0593 1272 PDFRAME - ok
22:46:55.0843 1272 PDRELI - ok
22:46:56.0078 1272 PDRFRAME - ok
22:46:56.0328 1272 perc2 - ok
22:46:56.0562 1272 perc2hib - ok
22:46:56.0875 1272 PfModNT (c8a2d6ff660ac601b7bb9a9b16a5c25e) C:\WINDOWS\system32\drivers\PfModNT.sys
22:46:56.0875 1272 PfModNT - ok
22:46:57.0250 1272 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:46:57.0250 1272 PptpMiniport - ok
22:46:57.0578 1272 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
22:46:57.0593 1272 Processor - ok
22:46:57.0921 1272 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:46:57.0937 1272 PSched - ok
22:46:58.0218 1272 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:46:58.0234 1272 Ptilink - ok
22:46:58.0546 1272 PxHelp20 (7e1eacdecba39e0b2a35306426f0decc) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
22:46:58.0546 1272 PxHelp20 - ok
22:46:58.0812 1272 ql1080 - ok
22:46:59.0062 1272 Ql10wnt - ok
22:46:59.0312 1272 ql12160 - ok
22:46:59.0546 1272 ql1240 - ok
22:46:59.0812 1272 ql1280 - ok
22:47:00.0234 1272 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:47:00.0234 1272 RasAcd - ok
22:47:00.0625 1272 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:47:00.0625 1272 Rasl2tp - ok
22:47:00.0953 1272 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:47:00.0953 1272 RasPppoe - ok
22:47:01.0250 1272 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:47:01.0250 1272 Raspti - ok
22:47:01.0625 1272 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:47:01.0625 1272 Rdbss - ok
22:47:01.0890 1272 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:47:01.0906 1272 RDPCDD - ok
22:47:02.0281 1272 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:47:02.0281 1272 RDPWD - ok
22:47:02.0640 1272 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:47:02.0640 1272 redbook - ok
22:47:02.0921 1272 SASDIFSV (39763504067962108505bff25f024345) C:\DOCUME~1\Teresa\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS
22:47:02.0921 1272 SASDIFSV - ok
22:47:03.0218 1272 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\DOCUME~1\Teresa\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS
22:47:03.0218 1272 SASKUTIL - ok
22:47:03.0593 1272 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:47:03.0593 1272 Secdrv - ok
22:47:03.0937 1272 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:47:03.0937 1272 serenum - ok
22:47:04.0390 1272 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:47:04.0390 1272 Serial - ok
22:47:04.0718 1272 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:47:04.0718 1272 Sfloppy - ok
22:47:04.0984 1272 Simbad - ok
22:47:05.0265 1272 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
22:47:05.0265 1272 SONYPVU1 - ok
22:47:05.0546 1272 Sparrow - ok
22:47:05.0859 1272 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:47:05.0859 1272 splitter - ok
22:47:06.0234 1272 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:47:06.0234 1272 sr - ok
22:47:06.0656 1272 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:47:06.0671 1272 Srv - ok
22:47:07.0000 1272 sscdbhk5 (328e8bb94ec58480f60458fb4b8437a7) C:\WINDOWS\system32\drivers\sscdbhk5.sys
22:47:07.0000 1272 sscdbhk5 - ok
22:47:07.0359 1272 ssrtln (7ec8b427cee5c0cdac066320b93f1355) C:\WINDOWS\system32\drivers\ssrtln.sys
22:47:07.0359 1272 ssrtln - ok
22:47:07.0687 1272 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:47:07.0687 1272 swenum - ok
22:47:08.0046 1272 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:47:08.0046 1272 swmidi - ok
22:47:08.0312 1272 symc810 - ok
22:47:08.0562 1272 symc8xx - ok
22:47:08.0796 1272 sym_hi - ok
22:47:09.0046 1272 sym_u3 - ok
22:47:09.0343 1272 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:47:09.0359 1272 sysaudio - ok
22:47:09.0796 1272 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:47:09.0796 1272 Tcpip - ok
22:47:10.0140 1272 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:47:10.0140 1272 TDPIPE - ok
22:47:10.0500 1272 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:47:10.0500 1272 TDTCP - ok
22:47:10.0843 1272 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:47:10.0843 1272 TermDD - ok
22:47:11.0203 1272 tfsnboio (c229bf90443be8d3bd2b65d7f3ac0f35) C:\WINDOWS\system32\dla\tfsnboio.sys
22:47:11.0203 1272 tfsnboio - ok
22:47:11.0562 1272 tfsncofs (79ee9fcd7728e54ab8fbc30962f0416f) C:\WINDOWS\system32\dla\tfsncofs.sys
22:47:11.0562 1272 tfsncofs - ok
22:47:11.0921 1272 tfsndrct (9efb37e7de17d783a059b653f7e8afad) C:\WINDOWS\system32\dla\tfsndrct.sys
22:47:11.0921 1272 tfsndrct - ok
22:47:12.0265 1272 tfsndres (130254995ebedcb34d62e8d78ec9dbd0) C:\WINDOWS\system32\dla\tfsndres.sys
22:47:12.0281 1272 tfsndres - ok
22:47:12.0546 1272 tfsnifs - ok
22:47:12.0875 1272 tfsnopio (818047ad850b312705aa17ca96b9427d) C:\WINDOWS\system32\dla\tfsnopio.sys
22:47:12.0875 1272 tfsnopio - ok
22:47:13.0218 1272 tfsnpool (4603e813bcc6dd465cd8d2afd37fa90d) C:\WINDOWS\system32\dla\tfsnpool.sys
22:47:13.0218 1272 tfsnpool - ok
22:47:13.0562 1272 tfsnudf (6fc2cd904a9a55acfdfc780a611a75ed) C:\WINDOWS\system32\dla\tfsnudf.sys
22:47:13.0562 1272 tfsnudf - ok
22:47:13.0937 1272 tfsnudfa (d4afa4d00f8db3fd1c15b3fe49c3a96c) C:\WINDOWS\system32\dla\tfsnudfa.sys
22:47:13.0953 1272 tfsnudfa - ok
22:47:14.0281 1272 TosIde - ok
22:47:14.0578 1272 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:47:14.0578 1272 Udfs - ok
22:47:14.0875 1272 ultra - ok
22:47:15.0296 1272 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:47:15.0296 1272 Update - ok
22:47:15.0671 1272 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:47:15.0671 1272 usbccgp - ok
22:47:16.0359 1272 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:47:16.0359 1272 usbehci - ok
22:47:16.0687 1272 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:47:16.0687 1272 usbhub - ok
22:47:17.0015 1272 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:47:17.0015 1272 usbprint - ok
22:47:17.0359 1272 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:47:17.0359 1272 usbscan - ok
22:47:17.0687 1272 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:47:17.0687 1272 USBSTOR - ok
22:47:18.0031 1272 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:47:18.0031 1272 usbuhci - ok
22:47:18.0359 1272 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:47:18.0359 1272 VgaSave - ok
22:47:18.0609 1272 ViaIde - ok
22:47:18.0937 1272 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:47:18.0937 1272 VolSnap - ok
22:47:19.0328 1272 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:47:19.0328 1272 Wanarp - ok
22:47:19.0859 1272 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:47:19.0875 1272 Wdf01000 - ok
22:47:20.0156 1272 WDICA - ok
22:47:20.0484 1272 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:47:20.0484 1272 wdmaud - ok
22:47:20.0859 1272 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:47:20.0859 1272 WS2IFSL - ok
22:47:21.0234 1272 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:47:21.0250 1272 WudfPf - ok
22:47:21.0593 1272 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:47:21.0593 1272 WudfRd - ok
22:47:21.0640 1272 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:47:21.0875 1272 \Device\Harddisk0\DR0 - ok
22:47:21.0875 1272 Boot (0x1200) (e495aefe2e6d30b5695717e4ec2e456c) \Device\Harddisk0\DR0\Partition0
22:47:21.0875 1272 \Device\Harddisk0\DR0\Partition0 - ok
22:47:21.0875 1272 ============================================================
22:47:21.0875 1272 Scan finished
22:47:21.0875 1272 ============================================================
22:47:21.0890 2564 Detected object count: 0
22:47:21.0890 2564 Actual detected object count: 0
22:47:42.0937 1928 Deinitialize success

Edited by tnspeck, 06 February 2012 - 11:39 PM.


#8 cryptodan


Posted 09 February 2012 - 03:59 PM

Your log doesn't show any infections.



