Results 1 to 9 of 9

Thread: runtime error latest updates

  1. #1
    Member
    Join Date
    May 2007
    Posts
    64

    Default runtime error latest updates

    the new updates seems to have caused a runtime error;please advise.

    thanks

  2. #2
    Member
    Join Date
    May 2007
    Posts
    64

    Default

    its been 4 days now please help.
    esp since its been sujested this is a virus.


    http://forums.spybot.info/showthread...d=1#post325783


    btw i have done the obvious like un installing,re installing,running checkdisk,online scanner.
    Last edited by kinos; 2009-08-01 at 21:29. Reason: updated info.

  3. #3
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Default

    Hello,

    This problem you experience may be caused by an infection. Just to make sure you are not infected with a rootkit, please run a scan for rootkits. Rootkits are a technology that is more and more often used by malware to hide themselves on system level, making themselves invisible to standard tools. Our RootAlyzer shows you anything that uses certain rootkit technologies, even if it's not in Spybot-S&Ds detection database.

    The RootAlyzer is a single tool which goes through the file system, the registry and process related lists. When you start RootAlyzer, it performs a very quick scan of a few important places, taking about a second on modern machines. To check the full system, you have the possibility of choosing a Deep Scan.

    Currently, the RootAlyzer is a work in progress (with a new project tools category in our forum to track bugs and feature requests), but it's already helping to easily locate most of the current malware rootkits. It is compatible with Windows NT/2000/XP/2k3 and Vista. If you like to check out the new RootAlyzer you will find it in our forum: http://forums.spybot.info/showthread.php?t=24185

    Here is also the direct download link.

    Please set your computer to show all files.

    * Double-click My Computer.

    * Click the Tools menu, and then click Folder Options.

    * Click the View tab.

    * Clear "Hide file extensions for known file types."

    * Under the "Hidden files" folder, select "Show hidden files and folders."

    * Clear "Hide protected operating system files."

    * Click Apply, and then click OK.

    Please select the tab 'deep scan' and let it fully scan your Pc. The scan will take a moment, please be patient. After the scan is done please click on 'pack suspicious files' which is located right at the bottom. This will create a .cab file on your desktop which contains the log and the suspicious files the scan has found. Please send us an e-mail (with this .cab file as attachment) to: detections(at)spybot.info .

    Please also download gmer: www.gmer.net and let it do a full scan on your Pc. Subsequent you will be allowed to save the log created during the scan. Please also send us this log.

    Thanks!

    Best regards
    Sandra
    Team Spybot

  4. #4
    Junior Member
    Join Date
    Nov 2005
    Location
    Nova Scotia
    Posts
    12

    Default

    Quote Originally Posted by spybotsandra View Post
    Hello,

    ...Just to make sure you are not infected with a rootkit, please run a scan for rootkits.
    ... To check the full system, you have the possibility of choosing a Deep Scan.
    <snip>
    Please send us an e-mail (with this .cab file as attachment) to: detections(at)spybot.info .

    Please also download gmer: www.gmer.net and let it do a full scan

    Sandra
    Team Spybot
    I sent the RootAlyzer .cab results - it's 30MB! Maybe I should have asked first.

    Also ran GMER. got this error:

    hw6jckkj.exe has generated errors & will be closed by Win.
    U will need to restart prog. An error log is being created. OK.


    Can't find the error log, and will try to re-run GMER later. Wife just called, "Supper's ready!" So I better go.

    Thanks to you techs for helping!
    Dugie
    Win 2000 Pro SP 4, AMD Sempron 3000

  5. #5
    Member
    Join Date
    May 2007
    Posts
    64

    Default

    hi spybotsandra.
    hope the days good to you.

    (dugie it mabye best to start your own thread,no offence at all,one iota,its just going to make hard work for the helper if theres multiple logs from various pps,and you will get better help that way,best wishes,as said,deff no offence ment)

    save the chit chat alought i certaily appreciate your help (and wish you the best dugie)

    i did get infected by the Bck/IRCBot.CPW Virus.
    found on a online scan,delted.also my hi-jack this log (not inc.) looks clean.i also checked my ports to see if any where open came up as true stealth (none open)

    i had unistaled spybot btw so it wont show up in any logs.
    re-installed after i ran sfc scandisk.

    also the log is after running sfc scandisk.



    first log;:: RootAlyzer Results
    File:"No admin in ACL","C:\WINDOWS\Temp\ZLT0456a.TMP"
    File:"No admin in ACL","C:\WINDOWS\Temp\ZLT0462e.TMP"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\fwdbglog.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\fwpktlog.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\IAMDB.RDB"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\installer_040809105910.log"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\installer_040909231505.log"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\installer_04100900745.log"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\SWAN-4C3J4J62S4.ldb"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\tvDebug.log"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\tvDebug.Zip"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\vsmon_2nd_2009_05_30_01_06_56_small.dmp.zip"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\vsmon_2nd_2009_06_11_02_31_43_small.dmp.zip"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\vsmon_2nd_2009_08_02_09_50_51_small.dmp.zip"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\vsmon_on_demand_thread_2009_07_30_02_03_49_full.dmp.zip"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\xDB1.tmp"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\xDB2.tmp"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\xDB3.tmp"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\xDB4.tmp"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\xDB5.tmp"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.08.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.09.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.10.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.11.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.12.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.13.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.14.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.15.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.16.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.17.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.18.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.19.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.20.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.04.21.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.06.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.07.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.08.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.09.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.10.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.11.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.12.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.13.txt"
    File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.05.14.txt"
    Directory:"No admin in ACL","C:\WINDOWS\Internet Logs"
    Directory:"No admin in ACL","C:\Program Files\NOS"
    Directory:"No admin in ACL","C:\Documents and Settings\All Users\Application Data\NOS"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\","NOS"

    2nd log (this one is when i opened the gmer and it auto scanned)

    GMER 1.0.15.15011 [ni0secuj.exe] - http://www.gmer.net
    Rootkit scan 2009-08-05 01:49:16
    Windows 5.1.2600 Service Pack 3


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs ssfs0bbc.sys (Spy Sweeper FileSystem Filter Driver/Webroot Software, Inc. (www.webroot.com))
    AttachedDevice \FileSystem\Fastfat \Fat ssfs0bbc.sys (Spy Sweeper FileSystem Filter Driver/Webroot Software, Inc. (www.webroot.com))

    Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\Ip 85A83660
    Device \Driver\Tcpip \Device\Ip 85B55DF0
    Device \Driver\Tcpip \Device\Ip 8573A568
    Device \Driver\Tcpip \Device\Ip 856FA568
    Device \Driver\Tcpip \Device\Ip 859D2910
    Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\Tcp 85A83660
    Device \Driver\Tcpip \Device\Tcp 85B55DF0
    Device \Driver\Tcpip \Device\Tcp 8573A568
    Device \Driver\Tcpip \Device\Tcp 856FA568
    Device \Driver\Tcpip \Device\Tcp 859D2910
    Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\Udp 85A83660
    Device \Driver\Tcpip \Device\Udp 85B55DF0
    Device \Driver\Tcpip \Device\Udp 8573A568
    Device \Driver\Tcpip \Device\Udp 856FA568
    Device \Driver\Tcpip \Device\Udp 859D2910
    Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\RawIp 85A83660
    Device \Driver\Tcpip \Device\RawIp 85B55DF0
    Device \Driver\Tcpip \Device\RawIp 8573A568
    Device \Driver\Tcpip \Device\RawIp 856FA568
    Device \Driver\Tcpip \Device\RawIp 859D2910

    ---- EOF - GMER 1.0.15 ----

    3rd log; (scan for rootkits/malware)

    GMER 1.0.15.15011 [ni0secuj.exe] - http://www.gmer.net
    Rootkit scan 2009-08-05 03:25:38
    Windows 5.1.2600 Service Pack 3


    ---- System - GMER 1.0.15 ----

    SSDT 85B9B990 ZwAllocateVirtualMemory
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwConnectPort [0xF4B2BFC0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateFile [0xF4B28C80]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateKey [0xF4B43170]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreatePort [0xF4B2C580]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateProcess [0xF4B40900]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateProcessEx [0xF4B40B10]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateSection [0xF4B44B10]
    SSDT 85B9BC60 ZwCreateThread
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0xF4B2C670]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDeleteFile [0xF4B29210]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDeleteKey [0xF4B439F0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDeleteValueKey [0xF4B437A0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDuplicateObject [0xF4B40280]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwLoadKey [0xF4B43F10]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0xF4B43F90]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenFile [0xF4B29070]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenProcess [0xF4B42180]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenThread [0xF4B41F40]
    SSDT 85B9BA08 ZwQueueApcThread
    SSDT 85B9B8A0 ZwReadVirtualMemory
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRenameKey [0xF4B446F0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwReplaceKey [0xF4B44150]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0xF4B2BBE0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRestoreKey [0xF4B44540]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSecureConnectPort [0xF4B2C190]
    SSDT 85B9BAF8 ZwSetContextThread
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0xF4B29440]
    SSDT 85B9B020 ZwSetInformationKey
    SSDT 85B9BD50 ZwSetInformationProcess
    SSDT 85B9BB70 ZwSetInformationThread
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSetValueKey [0xF4B434E0]
    SSDT 85B9BCD8 ZwSuspendProcess
    SSDT 85B9BA80 ZwSuspendThread
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSystemDebugControl [0xF4B41200]
    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF4ACBDF0]
    SSDT 85B9BBE8 ZwTerminateThread
    SSDT 85B9B918 ZwWriteVirtualMemory

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntoskrnl.exe!_abnormal_termination + 104 804E2760 12 Bytes [80, C5, B2, F4, 00, 09, B4, ...] {ADD CH, 0xb2; HLT ; ADD [ECX], CL; MOV AH, 0xf4; ADC [EBX], CL; MOV AH, 0xf4}
    .text ntoskrnl.exe!_abnormal_termination + 440 804E2A9C 12 Bytes [D8, BC, B9, 85, 80, BA, B9, ...]
    ? srescan.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe[1932] kernel32.dll!CreateThread + 1A 7C8106F1 4 Bytes CALL 00450771 C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Spy Sweeper Client Executable/Webroot Software, Inc.)
    .text C:\Program Files\Webroot\WebrootSecurity\SSU.EXE[2272] ntdll.dll!KiUserExceptionDispatcher + 9 7C90E485 5 Bytes JMP 00017DB0 C:\Program Files\Webroot\WebrootSecurity\SSU.EXE (Spy Sweeper SSU/Webroot Software, Inc. (www.webroot.com))
    .text C:\Program Files\Webroot\WebrootSecurity\SSU.EXE[2272] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00016000 C:\Program Files\Webroot\WebrootSecurity\SSU.EXE (Spy Sweeper SSU/Webroot Software, Inc. (www.webroot.com))
    .text C:\Program Files\Webroot\WebrootSecurity\SSU.EXE[2272] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 000169B0 C:\Program Files\Webroot\WebrootSecurity\SSU.EXE (Spy Sweeper SSU/Webroot Software, Inc. (www.webroot.com))
    .text C:\Program Files\Webroot\WebrootSecurity\SSU.EXE[2272] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00016000 C:\Program Files\Webroot\WebrootSecurity\SSU.EXE (Spy Sweeper SSU/Webroot Software, Inc. (www.webroot.com))
    .text C:\Program Files\Webroot\WebrootSecurity\SSU.EXE[2272] kernel32.dll!VirtualAlloc 7C809AF1 5 Bytes JMP 00016960 C:\Program Files\Webroot\WebrootSecurity\SSU.EXE (Spy Sweeper SSU/Webroot Software, Inc. (www.webroot.com))
    .text C:\Program Files\Webroot\WebrootSecurity\SSU.EXE[2272] kernel32.dll!VirtualFree 7C809B84 5 Bytes JMP 00016990 C:\Program Files\Webroot\WebrootSecurity\SSU.EXE (Spy Sweeper SSU/Webroot Software, Inc. (www.webroot.com))

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] 85B9B730
    IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] 85B9B828
    IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F4B30B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F4B30930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F4B31260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F4B2EE90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F4B2EE90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F4B30B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F4B30930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F4B31260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F4B30B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F4B2EE90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F4B31260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F4B30930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F4B31260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F4B30930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F4B30B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateFile] [F4B49B30] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F4B2EE90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F4B30B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F4B30930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F4B31260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F4B30B20] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F4B2EE90] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F4B31260] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F4B30930] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtSetInformationFile] [F4B298D0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateFile] [F4B29A80] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtCreateFile] [F4B295E0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!NtOpenFile] [F4B29980] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs ssfs0bbc.sys (Spy Sweeper FileSystem Filter Driver/Webroot Software, Inc. (www.webroot.com))

    Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\Ip 85A83660
    Device \Driver\Tcpip \Device\Ip 85B55DF0
    Device \Driver\Tcpip \Device\Ip 8573A568
    Device \Driver\Tcpip \Device\Ip 856FA568
    Device \Driver\Tcpip \Device\Ip 859D2910
    Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\Tcp 85A83660
    Device \Driver\Tcpip \Device\Tcp 85B55DF0
    Device \Driver\Tcpip \Device\Tcp 8573A568
    Device \Driver\Tcpip \Device\Tcp 856FA568
    Device \Driver\Tcpip \Device\Tcp 859D2910
    Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\Udp 85A83660
    Device \Driver\Tcpip \Device\Udp 85B55DF0
    Device \Driver\Tcpip \Device\Udp 8573A568
    Device \Driver\Tcpip \Device\Udp 856FA568
    Device \Driver\Tcpip \Device\Udp 859D2910
    Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\RawIp 85A83660
    Device \Driver\Tcpip \Device\RawIp 85B55DF0
    Device \Driver\Tcpip \Device\RawIp 8573A568
    Device \Driver\Tcpip \Device\RawIp 856FA568
    Device \Driver\Tcpip \Device\RawIp 859D2910
    Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)
    Device \Driver\Tcpip \Device\IPMULTICAST 85A83660
    Device \Driver\Tcpip \Device\IPMULTICAST 85B55DF0
    Device \Driver\Tcpip \Device\IPMULTICAST 8573A568
    Device \Driver\Tcpip \Device\IPMULTICAST 856FA568
    Device \Driver\Tcpip \Device\IPMULTICAST 859D2910

    AttachedDevice \FileSystem\Fastfat \Fat ssfs0bbc.sys (Spy Sweeper FileSystem Filter Driver/Webroot Software, Inc. (www.webroot.com))

    ---- EOF - GMER 1.0.15 ----
    Last edited by kinos; 2009-08-05 at 09:00. Reason: tyops.

  6. #6
    Junior Member
    Join Date
    Nov 2005
    Location
    Nova Scotia
    Posts
    12

    Default

    Quote Originally Posted by kinos View Post
    hi spybotsandra.
    hope the days good to you.

    (dugie it mabye best to start your own thread,no offence at all,one iota,its just going to make hard work for the helper if theres multiple logs from various pps,and you will get better help that way,best wishes,as said,deff no offence ment)
    No offense taken, thanks for the suggestion.
    There are so many threads, I am not sure where to post.
    Dugie
    Win 2000 Pro SP 4, AMD Sempron 3000

  7. #7
    Member
    Join Date
    May 2007
    Posts
    64

    Default

    fyi the new updates didnt fix the problem.

  8. #8
    Member
    Join Date
    May 2007
    Posts
    64

    Default

    this may help.

    its only if i enable the file set trojan.sbi the runtime error happens.
    all other file sets dont produce this error.
    I.E;if i unable the trojan.sbi file set i dont recive any errors.

  9. #9
    Member of Team Spybot Buster's Avatar
    Join Date
    Oct 2005
    Location
    Bochum/Germany
    Posts
    389

    Default

    Thanks for this information. We are currently working on this issue to be fixed.
    "The advantage of wisdom is that you can always act the fool. The opposite is quite tough."

    K. Tucholsky

    _______________________________________________________________

    Please help us improve Spybot and download our distributed testing client.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •