MalWare Removal Forum

http://virusscan.jotti.org/en/scanresul ... 99124773d4

says ext sys not allowed
_________________

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-07 15:30:00
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MHV2100BH_PL rev.00000029
Running: 4vi5131v.exe; Driver: C:\DOCUME~1\Bill\LOCALS~1\Temp\pwrdyfog.sys


---- System - GMER 1.0.15 ----

SSDT 89033720 ZwCreateKey
SSDT 88EE54A0 ZwCreateMutant
SSDT 89032520 ZwCreateProcess
SSDT 89032820 ZwCreateProcessEx
SSDT 88EE5860 ZwCreateSymbolicLinkObject
SSDT 89034FC0 ZwCreateThread
SSDT 89033D20 ZwDeleteKey
SSDT 89034620 ZwDeleteValueKey
SSDT 88EE5A40 ZwDuplicateObject
SSDT 88EE51A0 ZwLoadDriver
SSDT 89032B20 ZwOpenProcess
SSDT 89034C00 ZwOpenSection
SSDT 89032E20 ZwOpenThread
SSDT 89034020 ZwRenameKey
SSDT 89034320 ZwRestoreKey
SSDT 88EE5680 ZwSetSystemInformation
SSDT 89033A20 ZwSetValueKey
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xA84C0640]
SSDT 89033420 ZwTerminateThread
SSDT 89034DE0 ZwWriteVirtualMemory

Code \??\C:\DOCUME~1\Bill\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_Disk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\meiudf \MeiUDF_CdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

AttachedDevice \Driver\Tcpip \Device\Ip tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)

Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----
don't use aol or view point

otl wont complete window pops up that says list of index out of bounds (487)

OTL stalls when trying to scan google chrome

Thanks, OTC
_________________

Sorry but I do not understand what you mean. Please explain.

I am doing some research to find out what is stopping OTL. Please be patient.

when program was going through the "scan Modules" window pops up> use of index out of bounds (487)

Re: OTL the program was scanning at the bottom of screen you can see what is being scanned,when google chrome started the whole process stopped.

Also the redirection issue has stopped

Thanks

Please try the following:

Reboot the computer into Safe Mode and try to run OTL in this mode.

If you do not know how to start the computer in safe mode let me know and I will give you instructions.

Tried in safe mode the same thing happened. Scans some files and then stall scanning chrome.

Thanks, Bill

Let's check the version of OTL that you are trying to run.

When you open the OTL what is the version that you see at the top of the page. It starts with
OTL by OldTimer and then says Version. It should show 3.2.31.0
If it does not then delete the version of OTL that you have and download the latest version from url=http://oldtimer.geekstogo.com/OTL.exe and run it.

Please tell me if you used the latest version and if not please post the OTL log that you get.

An older version of OTL behaved exactly as you describe its behaviour on your computer.

The OTL is the latest version.

Thanks, Bill

Let's try the following:

Disable SUPERAntiSpyware
Programs like SUPERAntiSpyware, may interfere with the fix, so we need to temporarily disable it.

• Right-click on the SUPERAntiSpyware icon, in the system tray.
• Choose View Control Center... "Preferences/options" button/tab.
• On the General and Startup...tab, uncheck, "Start SUPERAntiSpyware when Windows starts"
• click Close to exit.

Don't forget to enable your SUPERAntiSpyware protection, when your computer is clean.

Now try the OTL again.

Sorry about the many tries to get OTL to run, but it is very disturbing that OTL does not run as expected. We are testing all the simpler solutions before getting to some more coplicated ones that will check the memory of the computer.

Please note that I will be off line an hour from now until about 27 hours from then.

Disregard the last post and try the following instead.

OTS
Please download OTS.exe... by OldTimer. Save it to your desktop.

1. Double click on OTSc.exe to run it.
   If you recieve the "Open File - Security Warning" prompt, press "Run".
2. Click on Run Scan at the top left hand corner. It may take a few minutes...be patient, let it run.
3. When done, Notepad will open with the log file "OTS.txt" contents. File can be found on your desktop.

Please post the entire OTS.txt file contents, in your next reply.

If I don't hear from you within the next 24 hours I am sorry but I will have to close the topic.

Trendmicro keeps removing the OTS download

Thanks, Bill

Can you disable trend Micro for the time it takes to download the OTS and run it. Don't forget to reenable it again once it is done.