  #16  
April 18th, 2010, 09:18 AM
swarun
Member
Join Date: Aug 2004
Location: India
Age: 43
Posts: 42
GMER log PART-10

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[860] kernel32.dll!LoadLibraryExW 7600B6BF 6 Bytes JMP 716B001E
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[860] WS2_32.dll!getaddrinfo 761F6737 5 Bytes JMP 71680022
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[860] WS2_32.dll!gethostbyname 76207133 5 Bytes JMP 716E0022
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1796] kernel32.dll!SetUnhandledExceptionFilter 76013162 4 Bytes [C2, 04, 00, 00]
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3712] kernel32.dll!LoadLibraryExW 7600B6BF 6 Bytes JMP 716B001E
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3712] WS2_32.dll!getaddrinfo 761F6737 5 Bytes JMP 71680022
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[3712] WS2_32.dll!gethostbyname 76207133 5 Bytes JMP 716E0022

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [892A4042] \SystemRoot\System32\Drivers\spcp.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [892A46D6] \SystemRoot\System32\Drivers\spcp.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [892A4800] \SystemRoot\System32\Drivers\spcp.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [892A413E] \SystemRoot\System32\Drivers\spcp.sys
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortNotification] 00147880
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortStallExecution] C25DC033
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortInitialize] 157B805E
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500
IAT \SystemRoot\System32\Drivers\a0hio71x.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 856671F8

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

Device \Driver\NetBT \Device\NetBT_Tcpip_{BE41C52A-BD87-4802-B844-E292B0DD6983} 869191F8
Device \Driver\volmgr \Device\VolMgrControl 856631F8
Device \Driver\usbuhci \Device\USBPDO-0 86BAE1F8
Device \Driver\usbuhci \Device\USBPDO-1 86BAE1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{53BAB5AD-AAFE-41EC-BCD0-166934779352} 869191F8
Device \Driver\usbuhci \Device\USBPDO-2 86BAE1F8
Device \Driver\usbehci \Device\USBPDO-3 86AD7500
Device \Driver\ACPI_HAL \Device\00000060 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-4 86BAE1F8
Device \Driver\usbuhci \Device\USBPDO-5 86BAE1F8
Device \Driver\usbuhci \Device\USBPDO-6 86BAE1F8
Device \Driver\volmgr \Device\HarddiskVolume1 856631F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\usbehci \Device\USBPDO-7 86AD7500
Device \Driver\volmgr \Device\HarddiskVolume2 856631F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom0 867DB500
Device \Driver\volmgr \Device\HarddiskVolume3 856631F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom1 867DB500
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 856651F8
Device \Driver\atapi \Device\Ide\IdePort0 856651F8
Device \Driver\atapi \Device\Ide\IdePort1 856651F8
Device \Driver\atapi \Device\Ide\IdePort2 856651F8
Device \Driver\atapi \Device\Ide\IdePort3 856651F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 856651F8
Device \Driver\volmgr \Device\HarddiskVolume4 856631F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume5 856631F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume6 856631F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume7 856631F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBt_Wins_Export 869191F8
Device \Driver\USBSTOR \Device\00000083 8680E1F8
Device \Driver\volmgr \Device\HarddiskVolume8 856631F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000084 8680E1F8
Device \Driver\USBSTOR \Device\00000085 8680E1F8
Device \Driver\USBSTOR \Device\00000086 8680E1F8
Device \Driver\USBSTOR \Device\00000087 8680E1F8
Device \Driver\PCI_PNP7179 \Device\0000006a spcp.sys
Device \Driver\usbuhci \Device\USBFDO-0 86BAE1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{09CE3860-A3F1-4C5C-9625-3A30A4A9B843} 869191F8
Device \Driver\usbuhci \Device\USBFDO-1 86BAE1F8
Device \Driver\usbuhci \Device\USBFDO-2 86BAE1F8
Device \Driver\sptd \Device\3755571180 spcp.sys
Device \Driver\usbehci \Device\USBFDO-3 86AD7500
Device \Driver\NetBT \Device\NetBT_Tcpip_{8282C497-9BCE-48D5-ADA2-699F6318FEBD} 869191F8
Device \Driver\usbuhci \Device\USBFDO-4 86BAE1F8
Device \Driver\usbuhci \Device\USBFDO-5 86BAE1F8
Device \Driver\usbuhci \Device\USBFDO-6 86BAE1F8
Device \Driver\usbehci \Device\USBFDO-7 86AD7500
Device \Driver\a0hio71x \Device\Scsi\a0hio71x1Port4Path0Target1Lun0 86B2A500
Device \Driver\a0hio71x \Device\Scsi\a0hio71x1 86B2A500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x06 0xD9 0xDE 0xFE ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x11 0x9E 0x6B 0x9D ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x1E 0xD2 0xF1 0xCC ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x3A 0xB6 0x10 0x53 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x06 0xD9 0xDE 0xFE ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x11 0x9E 0x6B 0x9D ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x1E 0xD2 0xF1 0xCC ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x3A 0xB6 0x10 0x53 ...

---- EOF - GMER 1.0.15 ----
  #17  
April 18th, 2010, 11:18 PM
AnnMarie
CTH Subscriber
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
There is nothing in any of your logs to indicate that your operating system is infected; however, just to be sure, I suggest you run an online scanner.

Go here and download ATF cleaner. Use it to remove all Temp Files, Cookies and Temp Internet Files, Java Cache and any others that you would like to remove. If you also use Opera or Firefox, also click on the cleaning options for each browser.

Next please go here and run the online scanner (disable your antivirus program first). Choose to scan My Computer and when the scan has finished, click on "View scan report". Click the "Save Report As" button and in the Browse dialog box, type a name for the scan report file that you want to create and select its type (Text file or Web page). Click OK and save the file to your desktop. Post it here when you have done this.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.