Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

i can not enable antivirus protection [Closed]


  • This topic is locked This topic is locked

#31
ruxandra

ruxandra

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-10-23 19:47:49
Windows 6.0.6000 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 ST9200420AS rev.3.ADC
Running: gmer.exe; Driver: C:\Users\Rux\AppData\Local\Temp\uwrdrpow.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[3636] ntdll.dll!LdrLoadDll 77CCEB00 5 Bytes JMP 6422A650 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3636] kernel32.dll!ActivateActCtx + 2C 76777379 7 Bytes JMP 64467DF7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3636] kernel32.dll!VirtualQuery + 24 7677D172 7 Bytes JMP 6422EDB3 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3636] kernel32.dll!VirtualAllocEx + 54 76799BC5 7 Bytes JMP 64467E1A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3636] GDI32.dll!SetTextAlign + E6 77E97EEF 7 Bytes JMP 64467D78 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipCloneImage] [73A0FBC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipDrawImageRectI] [739DB9AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipSetInterpolationMode] [739CA31F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipSetCompositingMode] [739CCBFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipCreateFromHDC] [739C8AB2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipCreateBitmapFromStream] [739DCF28] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipGetImageHeight] [739C7D98] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipGetImageWidth] [739C7CFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipDisposeImage] [739C6A64] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipLoadImageFromFileICM] [73A5C1D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipLoadImageFromFile] [739E7F56] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipDeleteGraphics] [739C90CD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipFree] [739D2179] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipAlloc] [739D21A4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdiplusShutdown] [739D7F1C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdiplusStartup] [739D7D3E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[3620] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73A083D5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [613473FB] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6134732D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [61346BCD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6134736D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [613473FB] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6134732D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6134736D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [61346BCD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\USER32.dll [GDI32.dll!GetStockObject] [61345FBC] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6134736D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [613473FB] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6134732D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [61346BCD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHLWAPI.dll [GDI32.dll!GetStockObject] [61345FBC] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [61345EF7] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [613467E4] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [613467E4] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [613473FB] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [61346BCD] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6134736D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6134732D] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!GetStockObject] [61345FBC] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [61345E64] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [61345E26] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [61345FC2] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColor] [61345EF7] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [613467E4] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AnimateWindow] [61346057] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileW] [6134609C] C:\Program Files\Yahoo!\Messenger\yui.dll
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[4796] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileA] [61346142] C:\Program Files\Yahoo!\Messenger\yui.dll

---- Devices - GMER 1.0.15 ----

Device \Driver\BTHUSB \Device\0000009b bthport.sys (Bluetooth Bus Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\BTHUSB \Device\00000099 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\[email protected] 0x43 0xFC 0x71 0x54 ...

---- EOF - GMER 1.0.15 ----
  • 0

Advertisements


#32
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That looks clear as well... How is the computer behaving ?
  • 0

#33
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP