TrojanDownloader:win32/Unruy.H


#91
Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
The .bat files causes the command prompt to come up immediately when my computer starts. The command prompt says start net dhcp (or something like that). Now the command prompt does not start the dhcp for over 3 minutes. After 3 minutes the command prompt says something like starting dhcp and within seconds I have internet.
I am assuming that you got the file(s) that you last requested via email?
  • 0

#92
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Your Proc Mon log shows it spending a lot of time reading a list of bad sites from the registry. These were probably put in by spybot s&d or similar but let's take them out and see if that speeds things up a bit.

Attached is czone.zip. Download, Save and right click on it and Extract All. You should see two files. Right click on each and MERGE. Then reboot and see if that helped any.
  • 0

#93
Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
No improvement.
Thank you,
Steven
  • 0

#94
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Let's see if we can get a boot log from XP.

Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears then choose Enable Boot Logging. Now choose Safe Mode with Networking. Login with your usual login. This should create a file C:\windows\Ntbtlog.txt. Attach that to your next post.
  • 0

#95
Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
I was only able to choose enable boot logging or safe mode with networking but not both. Once I choose one or the other the computer 'starts up'. I chose enable boot logging and the log is below.
Steven

Service Pack 3 3 31 2012 19:30:35.375
Loaded driver \WINDOWS\system32\ntkrnlpa.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\System32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver pciide.sys
Loaded driver \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver dmload.sys
Loaded driver dmio.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver atapi.sys
Loaded driver nvgts.sys
Loaded driver \WINDOWS\System32\DRIVERS\SCSIPORT.SYS
Loaded driver disk.sys
Loaded driver \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Loaded driver fltmgr.sys
Loaded driver sr.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver TLRecAgent.sys
Loaded driver Mup.sys
Loaded driver \SystemRoot\System32\DRIVERS\processr.sys
Loaded driver \SystemRoot\System32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\System32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
Loaded driver \SystemRoot\System32\DRIVERS\nvnetbus.sys
Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\System32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\system32\DRIVERS\nv4_mini.sys
Loaded driver \SystemRoot\System32\DRIVERS\wmiacpi.sys
Loaded driver \SystemRoot\system32\DRIVERS\smrtdrv.sys
Loaded driver \SystemRoot\system32\DRIVERS\lmimirr.sys
Loaded driver \SystemRoot\System32\DRIVERS\audstub.sys
Loaded driver \SystemRoot\System32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\System32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\System32\DRIVERS\psched.sys
Loaded driver \SystemRoot\System32\DRIVERS\rdpdr.sys
Loaded driver \SystemRoot\System32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\System32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\System32\DRIVERS\update.sys
Loaded driver \SystemRoot\System32\DRIVERS\mssmbios.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\System32\DRIVERS\usbhub.sys
Loaded driver \SystemRoot\System32\DRIVERS\NVENETFD.sys
Loaded driver \SystemRoot\system32\drivers\RtkHDAud.sys
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Fdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Flpydisk.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\System32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\System32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\System32\Drivers\aswTdi.SYS
Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\System32\Drivers\AswRdr.SYS
Loaded driver \SystemRoot\System32\drivers\ws2ifsl.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbios.sys
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\System32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\System32\Drivers\Fips.SYS
Loaded driver \SystemRoot\System32\Drivers\aswSP.SYS
Loaded driver \SystemRoot\system32\DRIVERS\ser2pl.sys
Loaded driver \SystemRoot\System32\DRIVERS\wanarp.sys
Loaded driver \SystemRoot\system32\DRIVERS\serenum.sys
Loaded driver \SystemRoot\System32\Drivers\aswSnx.SYS
Loaded driver \SystemRoot\System32\Drivers\Aavmker4.SYS
Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
Loaded driver \SystemRoot\System32\DRIVERS\USBSTOR.SYS
Loaded driver \SystemRoot\system32\DRIVERS\scusbvip.sys
Loaded driver \SystemRoot\system32\drivers\slvad.sys
Loaded driver \SystemRoot\System32\Drivers\aswFsBlk.SYS
Loaded driver \SystemRoot\System32\DRIVERS\ndisuio.sys
Loaded driver \SystemRoot\System32\Drivers\aswMon2.SYS
Did not load driver \SystemRoot\System32\DRIVERS\rdbss.sys
Did not load driver \SystemRoot\System32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\system32\drivers\wdmaud.sys
Loaded driver \SystemRoot\system32\drivers\sysaudio.sys
Loaded driver \SystemRoot\system32\drivers\splitter.sys
Loaded driver \SystemRoot\system32\drivers\aec.sys
Loaded driver \SystemRoot\system32\drivers\swmidi.sys
Loaded driver \SystemRoot\system32\drivers\DMusic.sys
Loaded driver \SystemRoot\system32\drivers\kmixer.sys
Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Service Pack 3 3 31 2012 19:35:13.375
Loaded driver \WINDOWS\system32\ntkrnlpa.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\System32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver pciide.sys
Loaded driver \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver dmload.sys
Loaded driver dmio.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver atapi.sys
Loaded driver nvgts.sys
Loaded driver \WINDOWS\System32\DRIVERS\SCSIPORT.SYS
Loaded driver disk.sys
Loaded driver \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Loaded driver fltmgr.sys
Loaded driver sr.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver TLRecAgent.sys
Loaded driver Mup.sys
Loaded driver \SystemRoot\System32\DRIVERS\processr.sys
Loaded driver \SystemRoot\System32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\System32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
Loaded driver \SystemRoot\System32\DRIVERS\nvnetbus.sys
Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\System32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\system32\DRIVERS\nv4_mini.sys
Loaded driver \SystemRoot\System32\DRIVERS\wmiacpi.sys
Loaded driver \SystemRoot\system32\DRIVERS\smrtdrv.sys
Loaded driver \SystemRoot\system32\DRIVERS\lmimirr.sys
Loaded driver \SystemRoot\System32\DRIVERS\audstub.sys
Loaded driver \SystemRoot\System32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\System32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\System32\DRIVERS\psched.sys
Loaded driver \SystemRoot\System32\DRIVERS\rdpdr.sys
Loaded driver \SystemRoot\System32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\System32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\System32\DRIVERS\update.sys
Loaded driver \SystemRoot\System32\DRIVERS\mssmbios.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\System32\DRIVERS\usbhub.sys
Loaded driver \SystemRoot\System32\DRIVERS\NVENETFD.sys
Loaded driver \SystemRoot\system32\drivers\RtkHDAud.sys
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Fdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Flpydisk.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\System32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\System32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\System32\Drivers\aswTdi.SYS
Loaded driver \SystemRoot\System32\DRIVERS\wanarp.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\System32\Drivers\AswRdr.SYS
Loaded driver \SystemRoot\System32\drivers\ws2ifsl.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbios.sys
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\System32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\System32\Drivers\Fips.SYS
Loaded driver \SystemRoot\System32\Drivers\aswSP.SYS
Loaded driver \SystemRoot\System32\Drivers\aswSnx.SYS
Loaded driver \SystemRoot\System32\Drivers\Aavmker4.SYS
Loaded driver \SystemRoot\system32\DRIVERS\ser2pl.sys
Loaded driver \SystemRoot\system32\DRIVERS\serenum.sys
Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
Loaded driver \SystemRoot\System32\DRIVERS\USBSTOR.SYS
Loaded driver \SystemRoot\system32\DRIVERS\scusbvip.sys
Loaded driver \SystemRoot\system32\drivers\slvad.sys
Loaded driver \SystemRoot\System32\Drivers\aswFsBlk.SYS
Loaded driver \SystemRoot\System32\DRIVERS\ndisuio.sys
Loaded driver \SystemRoot\System32\Drivers\aswMon2.SYS
Did not load driver \SystemRoot\System32\DRIVERS\rdbss.sys
Did not load driver \SystemRoot\System32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\system32\drivers\wdmaud.sys
Loaded driver \SystemRoot\system32\drivers\sysaudio.sys
Loaded driver \SystemRoot\system32\drivers\splitter.sys
Loaded driver \SystemRoot\system32\drivers\aec.sys
Loaded driver \SystemRoot\system32\drivers\swmidi.sys
Loaded driver \SystemRoot\system32\drivers\DMusic.sys
Loaded driver \SystemRoot\system32\drivers\kmixer.sys
Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
  • 0

#96
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Unfortunately the log doesn't give us times so we can't see what takes so long. I do see several drivers we can try living without:

Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

Obviously the above are from SuperAntiSpyware and they should be gone but have managed to come back somehow.

Get RegSeeker.
http://www.hoverdesk.net/freeware.htm
The download is where it says:
DOWNLOAD RegSeeker 1.55 (>20 languages included !)
It's a zip file so you have to save it then right click on it and Extract All then run regseeker.exe.

Select Find in Registry then have it look for SASKUTIL. You can then select all and then right click and delete selected. Repeat for SASDIFSV.

It puts a copy of the stuff it removes in the backups folder which it creates below the folder it is in so if it doesn't work you can go back and replace it.

RegSeeker also has a registry cleaner but I don't really trust registry cleaners so I'd rather you didn't use it.

If that doesn't help then I also see these:

Loaded driver \SystemRoot\system32\drivers\TLRecAgent.sys
Loaded driver \SystemRoot\system32\DRIVERS\scusbvip.sys
Loaded driver \SystemRoot\system32\drivers\slvad.sys


I think these are from a program called Personal VOIP Adapter which is associated with MagicJack and/or Zoom Phone Adaptor so you can try uninstalling it for now if removing the SAS stuff doesn't help.
  • 0
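
Added example, not part of any post in this thread: the kind of Ntbtlog.txt review done in post #96 (spotting drivers loaded from outside the Windows directory, such as the two SUPERAntiSpyware entries) can be done mechanically. The Python below runs on a constructed excerpt in the same shape as the posted log; the function names are made up for illustration.

```python
import ntpath
import re

# Constructed excerpt in the shape of the Ntbtlog.txt posted above (two boots).
SAMPLE_LOG = r"""Service Pack 3 3 31 2012 19:30:35.375
Loaded driver \WINDOWS\system32\ntkrnlpa.exe
Loaded driver ACPI.sys
Loaded driver TLRecAgent.sys
Loaded driver \SystemRoot\System32\DRIVERS\tcpip.sys
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rdbss.sys
Did not load driver \SystemRoot\System32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Service Pack 3 3 31 2012 19:35:13.375
Loaded driver \WINDOWS\system32\ntkrnlpa.exe
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Did not load driver \SystemRoot\System32\Drivers\Fdc.SYS
"""

ENTRY = re.compile(r"^(Loaded|Did not load) driver (.+?)\s*$")
# Prefixes that resolve inside the Windows directory (compared in lower case).
SYSTEM_PREFIXES = ("\\systemroot\\", "\\windows\\")


def parse_sessions(text):
    """Split the log into boots: [{'header': str, 'entries': [(loaded, path)]}]."""
    sessions = []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = ENTRY.match(line)
        if m:
            if not sessions:
                sessions.append({"header": "", "entries": []})
            sessions[-1]["entries"].append((m.group(1) == "Loaded", m.group(2)))
        elif sessions and not sessions[-1]["entries"]:
            sessions[-1]["header"] += " " + line  # header spread over several lines
        else:
            sessions.append({"header": line, "entries": []})  # a new boot starts here
    return sessions


def outside_windows_tree(session):
    """Loaded drivers whose full path is not under the Windows directory."""
    hits = []
    for loaded, path in session["entries"]:
        # Bare names such as ACPI.sys carry no directory to judge, so skip them.
        if loaded and "\\" in path and not path.lower().startswith(SYSTEM_PREFIXES):
            hits.append(path)
    return hits


def loaded_and_refused(session):
    """File names logged both as 'Loaded' and as 'Did not load' in one boot."""
    ok = {ntpath.basename(p).lower() for loaded, p in session["entries"] if loaded}
    bad = {ntpath.basename(p).lower() for loaded, p in session["entries"] if not loaded}
    return sorted(ok & bad)


if __name__ == "__main__":
    for s in parse_sessions(SAMPLE_LOG):
        print(s["header"], outside_windows_tree(s), loaded_and_refused(s))
```
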

#97
Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
OK, I ran the regseeker and removed what you requested. Here goes some info with zoom adapter. I haven't used it for a long while, but about a week ago I tried to use it and it would not work. I uninstalled it and reinstalled it and it has been working perfectly. At your request I just uninstalled it (but would like permission to reinstall it as I frequently use it these days). Now, I do not know if you wanted me to remove system32\DRIVERS\TLRecAgent.sys, system32\DRIVERS\scusbvip.sys and system32\drivers\slvad.sys files using regseeker, but I tried and was unable to do so. Might this really be the problem??!!
Thank you,
Steven
  • 0

#98
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Is afd still giving an error at boot?

If you uninstalled Zoom before you tried to remove the three drivers it may just mean that they uninstalled correctly. If regseeker found the three drivers and can't remove them then that's another type of problem.

You can put Zoom back when we are done if it didn't make any difference.
  • 0

#99
Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
Actually both happened. I uninstalled Zoom before I tried to remove the three drivers, then regseeker found the three drivers and couldn't remove them.
Steven
  • 0

#100
Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
No, I get no error at boot.
  • 0

#101
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:

2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#102
Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Vino's Event Viewer v01c run on Windows XP in English
Report run at 01/04/2012 7:26:15 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AFD TLRecAgent

Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7023 Source: Service Control Manager
The Human Interface Device Access service terminated with the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The DHCP Client service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7023 Source: Service Control Manager
The TuneUp Theme Extension service terminated with the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 01/04/2012 7:23:24 PM
Type: error Category: 0
Event: 23 Source: Print
Printer HP Officejet 4500 G510a-f fax failed to initialize because a suitable HP Officejet 4500 G510a-f fax driver could not be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/04/2012 7:23:18 PM
Type: warning Category: 0
Event: 20 Source: i8042prt
Could not set the keyboard indicator lights.

Log: 'System' Date/Time: 01/04/2012 7:23:18 PM
Type: warning Category: 0
Event: 19 Source: i8042prt
Could not set the keyboard typematic rate and delay.



Vino's Event Viewer v01c run on Windows XP in English
Report run at 01/04/2012 7:25:13 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#103
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Still a boot error tho you don't see it unless you look in the event logs:
Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AFD TLRecAgent

AFD is still slow. Go into Regedit and see if you can find and delete the three drivers that regseeker couldn't remove. You may have to take ownership of the keys.

I assume they will be in

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\

and there may be a second one in

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\

with LEGACY_ in front of the name.

We are going to a party this evening so probably won't get back to the computer before 10 PM tonight (PDT).
  • 0
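
Added example, not part of any post in this thread: the VEW output in post #102 ties the slow DHCP start to the AFD load failure, because Service Control Manager event 7026 names the drivers that failed and each event 7001 names a service that depends on one of them. The Python below extracts that mapping from a constructed sample built from the records posted above; the function names are made up for illustration and a one-line message per record is assumed.

```python
import re

# Constructed sample: four records in the VEW report layout posted in this thread.
SAMPLE_REPORT = """\
Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AFD TLRecAgent

Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 01/04/2012 7:25:12 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The DHCP Client service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

Log: 'System' Date/Time: 01/04/2012 7:23:24 PM
Type: error Category: 0
Event: 23 Source: Print
Printer HP Officejet 4500 G510a-f fax failed to initialize because a suitable HP Officejet 4500 G510a-f fax driver could not be found.
"""

RECORD = re.compile(
    r"^Log: '(?P<log>[^']+)' Date/Time: (?P<when>.+)\n"
    r"Type: (?P<type>\w+) Category: \d+\n"
    r"Event: (?P<event>\d+) Source: (?P<source>.+)\n"
    r"(?P<message>.+)$",
    re.MULTILINE,
)
DEPENDS = re.compile(r"^The (.+?) service depends on the (.+?) service which failed to start")
SCM = "Service Control Manager"


def parse_events(report):
    """Return one dict per record (assumes a one-line message, as in the posted report)."""
    return [m.groupdict() for m in RECORD.finditer(report)]


def failed_drivers(events):
    """Driver names listed by SCM event 7026 (boot-start/system-start load failures)."""
    names = []
    for ev in events:
        if ev["source"] == SCM and ev["event"] == "7026":
            names += ev["message"].split(":", 1)[1].split()
    return names


def blocked_services(events):
    """Map each failed driver to the services SCM event 7001 reports as depending on it."""
    impact = {name: [] for name in failed_drivers(events)}
    for ev in events:
        m = DEPENDS.match(ev["message"]) if ev["event"] == "7001" else None
        if m and ev["source"] == SCM:
            impact.setdefault(m.group(2), []).append(m.group(1))
    return impact


if __name__ == "__main__":
    print(blocked_services(parse_events(SAMPLE_REPORT)))
```
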

#104
Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
I removed what I found in the registry. There was no slad but there was a slvad_simple which I chose NOT to remove. No improvement.
Enjoy the party.
Steven
  • 0

#105
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Remove slad_simple too. It's one of them.


Then do another XP boot log (might want to delete the old ntbtlog.txt file first so it doesn't get too big) and post it. Clear the alarms as you did in #101 before you reboot then run VEW once it comes up and post it along with the new ntbtlog.
  • 0