
Thread: Trojan/virus

  1. #31
    Member
    Join Date
    Apr 2008
    Posts
    82


    The scan from VirusTotal was OK; here is the result:

    SHA256: 1187559016b58539b1e58144146b8c76dfc448c2b35360ce35a148335e86f225
    SHA1: 4792b0335a85df90ccfd2cffe9e1e0e6e9c87de5
    MD5: 474d3dccb57defcd917311eec47204b9
    File size: 353.1 KB ( 361600 bytes )
    File type: Win32 EXE
    Detection ratio: 0 / 41
    Analysis date: 2012-01-20 17:35:49 UTC ( 4 minutes ago )


    ***************************************

    Scan from TDSSKiller












  2. #32
    Member
    Join Date
    Apr 2008
    Posts
    82


    Was the VirusTotal scan report what you wanted? The site did not make clear what to send.

  3. #33
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Well, that's not the entire Virus Total report, go ahead and rerun that file through Jotti

    http://virusscan.jotti.org/en
    C:\WINDOWS\system32\drivers\tcpip.sys


    Logs look ok, how is your system behaving now?
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  4. #34
    Member
    Join Date
    Apr 2008
    Posts
    82




    Says nothing found out of 20 scanners.

    The computer seems to be running normal, shut down and reboot created no problems or warnings.

  5. #35
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Great, that may have been a false positive on the Combofix log, but it doesn't hurt to check.


    • Click START then RUN
    • Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.







    Open OTL and click on Clean Up and it will remove programs we used to clean your system along with their backups; any programs that were not removed you can just drag to the trash.


    Malwarebytes is the free version and yours to keep and will not be removed





    Safe Surfn
    Ken

  6. #36
    Member
    Join Date
    Apr 2008
    Posts
    82


    Ken you have been a great help and very patient but I have to admit that I don't know what OTL is. Where is it?

  7. #37
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    My bad

    Between this forum and all the other ones I am active on I have over 20 threads going. I thought we used this tool in the cleaning of your system but we did not. No biggie, you can use this one in lieu of OTL

    Now to remove most of the tools that we have used in fixing your machine:
    • Make sure you have an Internet Connection.
    • Download OTC to your desktop and run it
    • A list of tool components used in the cleanup of malware will be downloaded.
    • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
    • Click Yes to begin the cleanup process and remove these components, including this application.
    • You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.

  8. #38
    Member
    Join Date
    Apr 2008
    Posts
    82


    Ok great thanks, I know you are a busy man and working multiple problems all at one time. Once again thank you very much for the help, you guys are the best. Hope my donation covers some of the costs. Even with all the problems I like PCs; I used to be a MAC guy but there's no challenge in that. Besides, I have programs I need that only run on PC, and putting windows on a MAC is like putting a dress on a pig. Ha ha.

    Again, thanks a million

  9. #39
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    You're very welcome

    You take care now

    Ken

  10. #40
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
