Win XP computer is messed up bad...

Discussion in 'malware problems & news' started by kathyL, May 20, 2011.

Thread Status:
Not open for further replies.
  1. kathyL

    kathyL Registered Member

    Joined:
    Apr 16, 2005
    Posts:
    202
    rebooting now...

    dag. how are YOU?

    my eyes are a bluggery, blurry mess.

    my hands are so confused on whether i'm using a mouse (for the PC) or my touch pad (for the laptop). :p

    and it's only 830pm here...

    i'll stop whining and so appreciate what you're doing for me
     
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    :thumb:

    Dawn is breaking here :eek:
     
  3. kathyL

    reboot complete...what's next?

    scanning previous posts, you said:

    "After it's finished Press Report & a Log will Open. Copy/Paste that into your next Post" which i think has to do with the pgm we just ran...

    but after i hit 'cure', it wanted to reboot and now i'm back at the opening window...
     
  4. CloneRanger

    ReScan with TDSS Killer

    Post back with results
     
  5. kathyL

    no infections found.

    BTW, you'd made note that i was scanning cookies...

    do you want me to do anything about those cookies now?

    here is the last scan log:

    2011/05/27 20:48:46.0718 2752 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
    2011/05/27 20:48:46.0750 2752 ================================================================================
    2011/05/27 20:48:46.0750 2752 SystemInfo:
    2011/05/27 20:48:46.0750 2752
    2011/05/27 20:48:46.0750 2752 OS Version: 5.1.2600 ServicePack: 3.0
    2011/05/27 20:48:46.0750 2752 Product type: Workstation
    2011/05/27 20:48:46.0750 2752 ComputerName: NOBLESSE-P5
    2011/05/27 20:48:46.0750 2752 UserName: kathy
    2011/05/27 20:48:46.0750 2752 Windows directory: C:\WINDOWS
    2011/05/27 20:48:46.0750 2752 System windows directory: C:\WINDOWS
    2011/05/27 20:48:46.0750 2752 Processor architecture: Intel x86
    2011/05/27 20:48:46.0750 2752 Number of processors: 1
    2011/05/27 20:48:46.0750 2752 Page size: 0x1000
    2011/05/27 20:48:46.0750 2752 Boot type: Normal boot
    2011/05/27 20:48:46.0750 2752 ================================================================================
    2011/05/27 20:48:48.0218 2752 Initialize success
    2011/05/27 20:48:54.0640 2804 ================================================================================
    2011/05/27 20:48:54.0640 2804 Scan started
    2011/05/27 20:48:54.0640 2804 Mode: Manual;
    2011/05/27 20:48:54.0640 2804 ================================================================================
    2011/05/27 20:49:16.0687 2804 ================================================================================
    2011/05/27 20:49:16.0687 2804 Scan finished
    2011/05/27 20:49:16.0687 2804 ================================================================================
    2011/05/27 20:49:16.0718 2796 Detected object count: 0
    2011/05/27 20:49:16.0718 2796 Actual detected object count: 0
     
  6. CloneRanger

    That was with something else, forget about cookies right now !

    *

    So far so good :)

    Now Run aswMBR again & post the NEW Log
     
  7. kathyL

    cookies are forgotten...

    now the aswMBR is the one I closed out when i sent you the log...

    log here:

    aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
    Run date: 2011-05-27 20:59:39
    -----------------------------
    20:59:39.156 OS Version: Windows 5.1.2600 Service Pack 3
    20:59:39.156 Number of processors: 1 586 0x207
    20:59:39.156 ComputerName: NOBLESSE-P5 UserName: kathy
    20:59:39.406 Initialize success
    20:59:43.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    20:59:43.609 Disk 0 Vendor: WDC_WD800BB-60CJA1 17.07W17 Size: 76319MB BusType: 3
    20:59:43.640 Disk 0 MBR read successfully
    20:59:43.640 Disk 0 MBR scan
    20:59:43.640 Disk 0 Windows XP default MBR code
    20:59:45.640 Disk 0 scanning sectors +156280320
    20:59:45.671 Disk 0 scanning C:\WINDOWS\system32\drivers
    20:59:52.046 Service scanning
    20:59:53.078 Disk 0 trace - called modules:
    20:59:53.078 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    20:59:53.078 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87339ab8]
    20:59:53.078 3 CLASSPNP.SYS[f772efd7] -> nt!IofCallDriver -> \Device\00000065[0x873caf18]
    20:59:53.078 5 ACPI.sys[f7690620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x873c8d98]
    20:59:53.078 Scan finished successfully
    21:02:09.343 Disk 0 MBR has been saved successfully to "F:\2011 may PC scan results\MBR.dat"
    21:02:09.343 The log file has been saved successfully to "F:\2011 may PC scan results\may27TDSSKiller.2.5.3.0_27.05.2011_20.48.46_log.txt"


    >>> again, the "fix" option does not light up; only fixMBR...
     
  8. CloneRanger

    Did Anything show in RED on screen in aswMBR ?
     
  9. kathyL

    nothing red
     
  10. CloneRanger

    Good :thumb:

    Now Run the MBAM Database Definitions file, Not MBAM itself, but the file you DL'd earlier on. This should update the Actual MBAM App & bring it up to date. Let me know the result.

    Remember, Don't rush, one thing at a time = Very Important.
     
  11. kathyL

    i did the update.

    you didn't say to run MBAM, so i have not.

    I'm not sure what results you're looking for?

    it updated...
     
  12. CloneRanger

    Good :thumb:

    Exactly :thumb:

    This

    Now open up another instance of your browser as well as the one you have open here, & find the previous post i made for you with ScreenShots of how to configure MBAM. This is so you can switch from tab to tab quickly and see what to do, whilst still having this page open. But Don't Post in the NEW Tab, or it might confuse you ;)

    Run MBAM & when you've configured it as i showed, start the scan. It might take some time, i can't predict how long, so you may want to leave it running & leave the PC switched on, whilst you do other things and/or come back to see what it's found etc tomorrow. But Don't do Anything else on the PC Until it's finished, & Don't Run Any other scans etc etc afterwards either until i say !

    Let me know NOW what your decision is, so i know what i'm doing :thumb:
     
  13. kathyL

    was that day one or?? can you give me an idea of when?

    i could wait an hour-ish, but if it'll be longer than that, it'll have to be tomorrow.

    you've been such a gem.

    off to look for your instructions...
     
  14. kathyL

    Feeling doltish...

    you gave screenshots of how to configure SuperAntiblahblah but I'm not finding them for MBAM.

    sorry for time-wasting...
     
  15. CloneRanger

    Post 75 for the 2 open Tabs show how

    *

    I must be getting tired ! It was SAS i showed how to before, anyway you have that for Later.

    Here's how for MBAM i've just done for you

    1.gif

    2.gif

    3.gif

    Make SURE you set ALL as you see in my screenies BEFORE scanning.

    I think i'm going to have to log off Very soon, so after you post back in reply to this i will. But reply Before you Run MBAM
     
  16. kathyL

    here is me posting back before I run mba-whatever.

    I see all your screenies

    i WILL ensure that ALL my windows/whatever look just like yours

    I will let it run tonight (10pm my time) and check back in the morning.

    thank you oh so very much, CloneRanger.
     
  17. kathyL

    uht oh...

    i just went to malwarebytes and it says its database is outdated.....

    running back over your posts to see if i missed something...

    looked back over your notes...

    i did the update. it said it did the update.

    will it harm to run that again to see if i missed something?
     
  18. CloneRanger

    OK, & do NOT allow MBAM to delete/Remove ANYTHING until you check back with me next time, otherwise you "might" delete things you don't want to :eek:

    See you later
     
  19. CloneRanger

    mup.gif

    It's the updates file you need
     
  20. kathyL

    i'll go back and verify.
     
  21. CloneRanger

    I just tried it myself & i get the same 5/5/2011 date for the Updates = weird :(

    Well anyway not much we can do about it right now, but i do recommend Running a scan anyway. So do that overnight, but do NOT delete etc & i'll check back with you tomorrow.
     
  22. kathyL

    yes, that is what i have/did.

    here is the events (sorry, tired, words clumpy)

    i dbl click mbam-rules
    it says do i want to run it
    i say yes
    it asks me which language
    it says "setup" - welcome to malwarebytes anti-malware setup wizard
    it asks me which file i want to save it in
    i click install
    it says - setup has finished installing
    click finish to exit

    does this sound like the right thing?
     
  23. kathyL

    ok. i see your msg.

    then i will set my configs like you have, let it scan overnight

    will not do ANYTHING till i hear from you...

    can you give me an idea of what your timeline is for Saturday?

    i want to give priority to you so if you can tell me what times will work for you, i'll schedule around that.

    i can be on pretty much by 730-8am PST, 10 hrs from now?
     
  24. CloneRanger

    Just had a bad dream, well a Nightmare actually :eek: Woke me up & couldn't get back to sleep. Dreamt i was online trying to sort out someone's malware problems who lives thousands of miles away from me. Glad it was only a dream :D

    *

    Yes

    Good

    I'll be out having some well earned fun etc ;) until the evening here. It'll probably be no sooner than 8PM here. If you're around for some time from round about then onwards, we can do more stuff. If not it'll have to be later, but i will make a point of checking now & then after 8PM ish to see if you've posted and/or are logged in.

    I take it that Avast is no longer popping up with the Rootkit, or any other malware alerts anymore ? If so Good, if it is, make a note of Exactly what & post it.

    In the meantime, if the MBAM scan has finished, post the Log. But do NOT delete etc ANYTHING yet ! Do NOT close it down, just minimise it & leave it sitting there until i'm online. If you close it you will have to do the scan ALL over again, if Anything is found ! If you have closed it down, but it found NOTHING then fine & let me know. If it did find something/s then whilst i'm away use that time to Scan again, this time NOT closing it down ;)

    Also whilst i'm away, if the MBAM Scan isn't happening, you can continue to copy/move Photos/Music from the PC to the Ex HD, if you like. But don't do ANYTHING else on the PC for now !
     
  25. kathyL

    646am my time; 246pm your time, so i've got a few hours to rock and roll here to get stuff done

    so sorry about the nightmare! glad you woke up before it killed you!

    here is the mbam log:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6516

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    5/28/2011 12:34:04 AM
    mbam-log-2011-05-28 (00-34-04).txt

    Scan type: Full scan (C:\|D:\|)
    Objects scanned: 297943
    Time elapsed: 2 hour(s), 2 minute(s), 6 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    i am satisfied about the photos and music copied; just need to look at pgms...
     